[sudo-users] Displaying errors to users
seph
seph at directionless.org
Mon Nov 13 20:32:31 MST 2017
In my environment, users have a large set of whitelisted commands, and
everything else is denied by default.
For usability sake, I'd like sudo to tell them when something is denied.
It does exit with an error code of 1, but that's pretty subtle.
I notice that sudo will error if the command is blocked, so I can hack
something with:
> ALL ALL=(ALL:ALL) NOPASSWD: !ALL
> %group ALL=(ALL:ALL) NOPASSWD: COMMAND_LIST
But I'm hoping there's something cleaner.
help?
--
seph
seph at directionless.org
More information about the sudo-users
mailing list