Re: /etc/sudoers precedence question
> Are you running the "update" command using the full path?
>
> /usr/cs/2002/omacneil/sbin/update
I am prompted for a password if I say:
sudo /usr/cs/2002/omacneil/sbin/update
or if I say
sudo update
which update gives me
/usr/cs/2002/omacneil/sbin/update.
I am aware that the current sudo file allows sudo bash. The goal is audit
rather than control.
Thanks for the reply.
On Sat, 21 Feb 2004, MB wrote:
> Dan,
>
> Are you running the "update" command using the full path?
>
> /usr/cs/2002/omacneil/sbin/update
>
>
> Your sudo file allows running the above command only with no password.
> Also you should note that a sudo file like this allows for you to get a
> root shell via "sudo bash", which may or may not be what you want to allow.
>
> Mark
>
> Dan MacNeil wrote:
>
> >Given the sudoers file below omacneil (as a member of wheel) should be
> >able to do anything with a password and should be able to run "update"
> >with no password.
> >
> >I can run everything but only with a password.
> >
> >What am I missing?
> >
> >reversing the order of %wheel & omacneil lines doesn't change things.
> >
> >
> >###########
> ># User privilege specification
> >root ALL=(ALL) ALL
> >ken ALL=(ALL) ALL
> >
> >Defaults !lecture, insults
> >%wheel ALL=(ALL) ALL
> >omacneil localhost=NOPASSWD: /usr/cs/2002/omacneil/sbin/update
> >
> >
> >
> >
> >
>
>
Reply to: