[sudo-users] how to preserve functions in script for calling by sudo?
Todd C. Miller
Todd.Miller at courtesan.com
Fri Jun 2 13:21:33 MDT 2017
On Fri, 02 Jun 2017 02:01:59 -0700, "L. A. Walsh" wrote:
> Unfortunately, it seems sudo is removing all of the
> functions passed in the environment even though I have
> !env_reset in my config file.
>
> How do I allow root to run the functions in my script without having
> to run as root all-the-time when the script is running.
>
> Seems like requiring root to be used all the time rather than for
> a few tightly controlled functions is considerably more risky.
Currently, sudo always strips out bash functions from the environment
even when env_reset is disabled.
When env_reset is *not* disabled, you can add specific bash functions
to the env_keep list. For example, for a function call "ll" and
post-shellshock version of bash you could use the following:
Defaults env_keep += "BASH_FUNC_ll%%=()*"
- todd
More information about the sudo-users
mailing list