On 2/4/20 10:01 AM, Mauricio Tavares wrote:
On Tue, Feb 4, 2020 at 12:49 PM Todd Zullinger tmz@pobox.com wrote:
Hi,
Mario Michele Macaluso wrote:
Il 03/02/20 22:23, Mike Wright ha scritto:
Cmnd_Alias LXC=/usr/bin/lxc
root ALL=(ALL:ALL) ALL mike ALL=(ALL) NOPASSWD:LXC
I'm not sure, but it could be (space required)
mike ALL=(ALL) NOPASSWD: LXC
White space is optional there, so that shouldn't have any effect.
The sudoers(5) man page says:
White space between elements in a list as well as special syntactic characters in a User Specification (‘=’, ‘:’, ‘(’, ‘)’) is optional.And FWIW, I have working rules with and without spaces¹.
My bet is on another rule interfering, due to user mike being in group admin or sudo. I've run into that myself.
¹ Because the rules were added at different times by different people, not because I like to have messy white space. ;)
It is possible the sudoers file behaves in a "last line wins"fashion. Move your lxc line to the end of the file and try again.
Defaults env_reset Defaults mail_badpass Defaults secure_path="some_path"
# Cmnd alias specification Cmnd_Alias LXC=/usr/bin/lxc
# Members of the admin group may gain root privileges %admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL
# User privilege specification root ALL=(ALL:ALL) ALL mike ALL=(ALL) NOPASSWD:LXC
----
sudoers.d is empty
launching an xterm from the cli then entering in the new xterm:
lxc list
and I get a password prompt. Absolutely no clue.