[sudo-users] Sorry, user me is not allowed to execute 'cmd' as me:Media on machinename
L A Walsh
sudo at tlinx.org
Thu Mar 29 15:09:08 MDT 2018
This seems a bit odd.
I have a user id 'me' that has a primary group of 'megroup'.
'me' is in the sudoer's file as:
me ALL=(ALL) NOPASSWD: SETENV: ALL
so I can pretty much do anything root can do (I think).
What I wanted to do in this situation was just
change my primary group to 'Media' and reexecute
the current command:
exec sudo -E -g "Media" $0 "$@"
But got the error message:
Sorry, user me is not allowed to execute 'cmd' as me:Media on machinename.
I don't understand why.
If 'me' can execute anything, AND 'me' is already a member of group Media,
why can't I have sudo execute a command with UID=me, and primary GID=Media?
It seems counter-intuitive to disallow 'me' to promote one of my auxiliary
groups to primary, especially since I'd think I should be able to execute
any command. What am I missing? Thanks much!
> sudo --version
Sudo version 1.8.10p3
Sudoers policy plugin version 1.8.10p3
Sudoers file grammar version 43
Sudoers I/O plugin version 1.8.10p3
More information about the sudo-users
mailing list