[sudo-workers] sudo -l return code

Allan McAleavy allan.mcaleavy at gmail.com
Mon Aug 29 09:36:48 MDT 2016

Hi Folks

Not sure if this is the correct list for this question. I see that when I
search ldap for a specific command i.e. /bin/ps for a user rule which
exists then I get a return of 0 when i echo $?. If I pick a command which I
am not allowed to run i.e. /bin/false the return code again is 0. The man
page states that it should return 1 if the command is not allowed. If I
check for a command which does not exist /bin/notexist I get a 1 return
code as I believe the stat call fails from within match.c

$ sudo -l /bin/notexist
$ echo $?

$ sudo -l /bin/ps
(sample debug)
sudo: ldap sudoCommand '/bin/ps' ... MATCH!
$echo $?
$ sudo -l /bin/false
sudo: ldap sudoCommand '/bin/ps' ... not
sudo: removing reusable search result
$ echo $?

Is this a bug?


More information about the sudo-workers mailing list