Bug 332

Summary: Length of /etc/group entry
Product: Sudo Reporter: Doug Eckert <doug.eckert>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED INVALID    
Severity: normal    
Priority: low    
Version: 1.6.9   
Hardware: IBM   
OS: Other   

Description Doug Eckert 2009-02-06 13:58:56 MST 
This is on an AIX server using the sudo package provided by IBM at:

http://www-03.ibm.com/systems/power/software/aix/linux/toolbox/alpha.html

# oslevel -s
5300-08-03-0831
# rpm -qa | grep sudo
sudo-1.6.9p15-2noldap

If an /etc/group entry exceeds 255 characters, 'sudo' doesn't recognize the users at or beyond character 255 as being in that particular group.

The workaround I've used is to split the /etc/group entry just before 255 and create additional group(s) with the same gid.

Is this in sudo itself, or in the build?  Seems it shouldn't happen either way.
Comment 1 Doug Eckert 2009-02-06 14:46:46 MST 
correction, the work around isn't working wither.
Comment 2 Doug Eckert 2009-02-06 15:32:43 MST 
Disregard.

I had users entering command as follows:

$ sudo -i -u <user> <path-to-script>

Error was that user is not allowed to run '/usr/bin/ksh <path-to-script>' as user: <user>

I added "/usr/bin/ksh <path-to-script>" to the command alias and all is well.