[sudo-users] Sorry, user me is not allowed to execute 'cmd' as me:Media on machinename

Todd C. Miller Todd.Miller at sudo.ws
Thu Mar 29 17:22:19 MDT 2018


The short answer is you probably just want:

me ALL=(ALL:ALL) NOPASSWD: SETENV: ALL

The long answer is that the sudoers file determines what users and
groups a command may be run as.  Both users and groups need to be
explicitly allowed in sudoers.  There is a special case for running
a command as the invoking user but there is not a currently a special
case for running the command as the invoking user *and* one of the
invoking user's groups.  I agree it would make sense for sudo to
allow this, but currently it does not.

 - todd


More information about the sudo-users mailing list