Sudo in a cron job question
Kurt Wall
kwall
Mon May 17 11:44:37 PDT 2004
Feigning erudition, Tim Wunder wrote:
% On 2/19/2003 1:56 PM, someone claiming to be Kurt Wall wrote:
% >Feigning erudition, Tim Wunder wrote:
[...]
% >So, you're using "authenticate NOPASSWD" flag or some such?
%
% Something like that.. the relevant portion of my /etc/sudoers file
%
% User_Alias ADMINS = <myuser>
% Cmnd_Alias INSTALL = /usr/local/bin/checkinstall -*[A-z]*
% ADMINS ALL=(ALL) NOPASSWD: INSTALL
%
% > Can you run invoked sudo with the -l option? See the discussion of
% > "listpw" in the sudoers(5) man page. See also the -v option.
%
% I'll look at '-l' and '-v', thanks. I'm a sudo neophyte, so pointers are
% most welcome.
%
% <time passes as tim putzes with this and that...>
%
% Kurt, you're a wonderful person!
Hardly - I've just blown my leg off more times than you.
% For kicks, I added '/usr/bin/sudo -l >sudo.lst' to my script, which told
% me that my user could execute the following commands on this host:
% (ALL) NOPASSWD: /usr/local/bin/checkinstall -*[A-z]*
%
% which got me thinking... damn, that *is* the command I'm trying to
% run... then it hit me: I've got the command specified in my script as
% only 'checkinstall', not '/usr/local/bin/checkinstall'. One quick
% modification to my script, and there's now joy in Mudville.
%
% I guess that just goes to show you that explicit should be used in
% scripts...
It's not the script per se that's the issue, but the path specified
in /etc/sudoers. I'm pretty certain that if you had specifed
(ALL) NOPASSWD: checkinstall -*[A-z]*
that it would have worked.
Regards,
Kurt
--
NEWS FLASH!!
Today the East German pole-vault champion became the West
German pole-vault champion.
More information about the Linux-users
mailing list