[sudo-users] Stuck in Cmnd_Alias

[leam hall]

Matthew, sorry, I misspoke. I had some success late last night but forgot
which part worked. Coffee here is still kicking in.

This works in /etc/sudoers.d/testsudo

  testsudo        ALL = (ALL) NOPASSWD: ALL


Results:

[testsudo at shaphan ~]$ sudo su -
[root at shaphan ~]#

If I change to YUM_UPDATE:

testsudo file:

Cmnd_Alias YUM_UPDATE = /usr/bin/yum update
testsudo        ALL = YUM_UPDATE


Results:

[testsudo at shaphan ~]$ yum update
Loaded plugins: auto-update-debuginfo, fastestmirror, refresh-packagekit,
              : security, versionlock
You need to be root to perform this command.
[testsudo at shaphan ~]$ /usr/bin/yum update
Loaded plugins: auto-update-debuginfo, fastestmirror, refresh-packagekit,
              : security, versionlock
You need to be root to perform this command.


On Thu, Oct 6, 2016 at 8:45 AM, Stier, Matthew <Matthew.Stier at us.fujitsu.com
> wrote:

> How is the former working.  Are you invoking: /usr/bin/sudo /usr/bin/sudo
> su -
>
> How are the later failing?
>
>
> -----Original Message-----
> From: sudo-users [mailto:sudo-users-bounces at sudo.ws] On Behalf Of Leam
> Hall
> Sent: Thursday, October 06, 2016 7:39 AM
> To: sudo-users at sudo.ws
> Subject: [sudo-users] Stuck in Cmnd_Alias
>
> Trying to move to /etc/sudoers.d files for most everything. Having
> trouble on a CentOS 6 box. What am I missing?
>
> Thanks!
>
> Leam
> ### /etc/sudoers.d/testsudo
>
> # This works:
> testsudo       ALL = /usr/bin/sudo su -
>
> # Commenting out the above and changing to a Cmnd_Alias fails.
> Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
> Cmnd_Alias YUM_UPDATE = /usr/bin/yum update
> testsudo        ALL = SOFTWARE,YUM_UPDATE
>
> ###
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> https://www.sudo.ws/mailman/listinfo/sudo-users
>



-- 
Mind on a Mission <http://leamhall.blogspot.com/>