[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

running a command with sudo

Think about it people...

LINE="www-data ALL=NOPASSWD:/usr/share/rapid-scripts/sudo_helper"
if ! fgrep -q "$LINE" "$1" ; then
 echo "$LINE" >> "$1"
chmod u+x ~/bin/myedit
EDITOR=~/bin/myedit visudo

The above should work... but read visudo man page...
       There is a hard-coded list of editors that visudo will use set at com-
       pile-time that may be overridden via the editor sudoers Default vari-
       able.  This list defaults to the path to vi(1) on your system, as
       determined by the configure script.  Normally, visudo does not honor
       the VISUAL or EDITOR environment variables unless they contain an edi-
       tor in the aforementioned editors list.  However, if visudo is config-
       ured with the --with-enveditor flag or the env_editor Default variable
       is set in sudoers, visudo will use any the editor defines by VISUAL or
       EDITOR.  Note that this can be a security hole since it allows the user
       to execute any program they wish simply by setting VISUAL or EDITOR.

PS: I first encountered this EDITOR trick on sun solaris with the
edquota tool... no setquota tool on sun!


On 21/04/2008, Trent W. Buck <trentbuck at gmail.com> wrote:
> On Mon, Apr 21, 2008 at 04:50:46PM +0100, Alex Owen wrote:
> > You could do something with the $EDITORS environment variable to
>  > call a custom script...  but then visudo thinks of that and tries to
>  > stop you...
> VISUAL=mg visudo ?
>  _______________________________________________
>  debian-live-devel mailing list
>  debian-live-devel at lists.alioth.debian.org
>  http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel

Reply to: