[sudo-users] Allow user to run command with specific arguments

Bernard Fay bernard.fay at gmail.com
Thu Aug 2 11:26:12 MDT 2018


Hello,

I try to configure sudoers to allow a user to execute "/sbin/multipath -l"
and only the -l argument, none of the other arguments available to
multipath.

So far, I tried the following:

Cmnd_Alias      MPATHL    = /sbin/multipath -l
Cmnd_Alias      MPATHL    = /sbin/multipath -l, ! /sbin/multipath -[a-zA-Z]*
Cmnd_Alias      MPATHL    = /sbin/multipath -l, ! /sbin/multipath ""

and

%wheel ALL=(ALL) NOPASSWD: MPATHL

But none of the Cmnd_Alias tested gave the desired result.

How can this be achieved?
Thanks,


More information about the sudo-users mailing list