[sudo-users] Displaying errors to users
seph
seph at directionless.org
Tue Nov 14 09:19:59 MST 2017
> Do you not receive a warning when the user tries to run a command
> not listed in sudoers?
Correct, I do not.
On an ubuntu xenial test virtual machine:
default-ubuntu-1604% sudo -V
Sudo version 1.8.16
Sudoers policy plugin version 1.8.16
Sudoers file grammar version 45
Sudoers I/O plugin version 1.8.16
Using a very small configuration:
Defaults passwd_tries=0, passwd_timeout=0
ALL ALL=(ALL:ALL) NOPASSWD: !/bin/cat
%vagrant ALL=(ALL) NOPASSWD:ALL
frank ALL=(ALL:ALL) NOPASSWD: /bin/ls
I get:
default-ubuntu-1604% sudo ls; echo $?
0
default-ubuntu-1604% sudo id; echo $?
1
default-ubuntu-1604% sudo cat; echo $?
Sorry, user frank is not allowed to execute '/bin/cat' as root on
default-ubuntu-1604.
1
--
seph
seph at directionless.org
More information about the sudo-users
mailing list