somewhat OT: sudo question
Gregory Hosler
ghosler at redhat.com
Fri Sep 10 04:09:47 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/10/2010 10:44 AM, JD wrote:
>
>
> On 09/09/2010 07:38 PM, Tom H wrote:
>> On Thu, Sep 9, 2010 at 9:59 PM, JD<jd1008 at gmail.com> wrote:
>>> I tried it and I confirm that sudo is broken if
>>> the NOPASSWD: is followed by a list of commands.
>>> sudo will only allow the user to sudo the specified
>>> commands without a password.
>>> All other commands are blocked.
>>>
>>> I think you should open a bug at bugzilla.redhat.com
>> sudo will only allow what you specify "/etc/sudoers". If you only
>> specify "rajan ALL=(ALL) NOPASSWD: HIBERNATE", rajan will only be able
>> to use sudo to run a command in the HIBERNATE command alias. If rajan
>> wants to use sudo to run other commands (with or without a password),
>> he needs to add "rajan ALL=(ALL) ALL" to "/etc/sudoers".
> Two entries to achieve that?
> That's lame!
Granting administrator privileges is not done gratuitously. Having 2 entries,
for 2 different types of requirements is totally sane.
Having said that, the sudoers manpage gives an example with one line combining both.
- -Greg
- --
+---------------------------------------------------------------------+
Please also check the log file at "/dev/null" for additional information.
(from /var/log/Xorg.setup.log)
| Greg Hosler ghosler at redhat.com |
+---------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkyJr4gACgkQ404fl/0CV/Q2JwCgsSAUiY3isC22k0G6ZwV68uje
8o8AoJ5CDZ8f9bpsKwH4ZYuomPG10T9c
=riXx
-----END PGP SIGNATURE-----
More information about the users
mailing list