On 2/4/20 10:01 AM, Mauricio Tavares wrote:
On Tue, Feb 4, 2020 at 12:49 PM Todd Zullinger <tmz(a)pobox.com>
wrote:
>
> Hi,
>
> Mario Michele Macaluso wrote:
>> Il 03/02/20 22:23, Mike Wright ha scritto:
>>> Cmnd_Alias LXC=/usr/bin/lxc
>>>
>>> root ALL=(ALL:ALL) ALL
>>> mike ALL=(ALL) NOPASSWD:LXC
>>
>> I'm not sure, but it could be (space required)
>>
>> mike ALL=(ALL) NOPASSWD: LXC
>
> White space is optional there, so that shouldn't have any
> effect.
>
> The sudoers(5) man page says:
>
> White space between elements in a list as well as
> special syntactic characters in a User Specification
> (‘=’, ‘:’, ‘(’, ‘)’) is optional.
>
> And FWIW, I have working rules with and without spaces¹.
>
> My bet is on another rule interfering, due to user mike
> being in group admin or sudo. I've run into that myself.
>
> ¹ Because the rules were added at different times by
> different people, not because I like to have messy white
> space. ;)
>
It is possible the sudoers file behaves in a "last line wins"
fashion. Move your lxc line to the end of the file and try again.
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="some_path"
# Cmnd alias specification
Cmnd_Alias LXC=/usr/bin/lxc
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# User privilege specification
root ALL=(ALL:ALL) ALL
mike ALL=(ALL) NOPASSWD:LXC
----
sudoers.d is empty
launching an xterm from the cli then entering in the new xterm:
lxc list
and I get a password prompt. Absolutely no clue.