[sudo-workers] sudo -l return code

Allan McAleavy allan.mcaleavy at gmail.com
Mon Aug 29 09:36:48 MDT 2016


Hi Folks

Not sure if this is the correct list for this question. I see that when I
search LDAP for a specific command, i.e. /bin/ps, for a user rule which
exists, then I get a return of 0 when I echo $?. If I pick a command which I
am not allowed to run, i.e. /bin/false, the return code again is 0. The man
page states that it should return 1 if the command is not allowed. If I
check for a command which does not exist, /bin/notexist, I get a 1 return
code, as I believe the stat call fails from within match.c.

Example
$ sudo -l /bin/notexist
$ echo $?
1

$ sudo -l /bin/ps
(sample debug)
sudo: ldap sudoCommand '/bin/ps' ... MATCH!
$ echo $?
0

$ sudo -l /bin/false
sudo: ldap sudoCommand '/bin/ps' ... not
/bin/false
sudo: removing reusable search result
$ echo $?
0

Is this a bug?

Thanks
Al

