[sudo-users] cvtsudoers in 1.8.23

Todd C. Miller Todd.Miller at sudo.ws
Fri Mar 30 13:23:17 MDT 2018


I've mentioned cvtsudoers here before so I thought some of you might
like an update.  Sudo 1.8.23 beta 2 is now out and contains a
cvtsudoers utility that can convert sudoers <-> LDAP, sudoers ->
JSON and sudoers -> sudoers.

The interesting part about sudoers -> sudoers conversion is that
it can also do some limited filtering; for instance filter by host,
user or group.  It is also possible to omit certain sudoers section
types such as defaults, aliases or privileges.  This may be useful
as the basis a reporting script.

Currently, the filtering acts more like a grep of the policy in
that any rules that match the filter are displayed more or less
verbatim.  That is, is a rule contains multiple users it is displayed
as-is; the non-matching users not not pruned out.  This is likely
to change in the future, though.

I'm open to feedback if you are interested in giving it a spin.
You can find out more about beta versions of sudo at
https://www.sudo.ws/devel.html

 - todd


More information about the sudo-users mailing list