Bug 40

Summary: Parse buglet?
Product: Sudo Reporter: Andres Salomon <dilinger>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: normal    
Version: 1.6.3   
Hardware: PC   
OS: Linux   

Description Andres Salomon 2001-06-12 15:59:31 MDT 
Given the following entry in my sudoers file, with sudo 1.6.3p6:
apache ALL=NOPASSWD: /usr/bin/php -d include_path=.\:/etc/awesom -f
/home/httpd/html/voxel/ubersmith/awesom/caller.php
%3[cC]%3[fF]xml[-a-zA-Z0-9\\.\\+_%]*

I get:
>>> sudoers file: syntax error, line 16 <<<
sudo: parse error in /etc/sudoers near line 16

The offending character in this entry is the command argument starting with %.
The workaround:
apache ALL=NOPASSWD: /usr/bin/php -d include_path=.\:/etc/awesom -f
/home/httpd/html/voxel/ubersmith/awesom/caller.php
[%]3[cC]%3[fF]xml[-a-zA-Z0-9\\.\\+_%]*

At which point I get (w/ sudo -l):
User apache may run the following commands on this host:
    (root) NOPASSWD: /usr/bin/php -d include_path=.:/etc/awesom -f
/home/httpd/html/voxel/ubersmith/awesom/caller.php
[%]3[cC]%3[fF]xml[-a-zA-Z0-9\.\+_%]*

My hunch is that sudo thinks the regex that starts w/ % is a group; however, if
I understand the sudoers man page, groups
are not allowed where commands would be listed.
Comment 1 Todd C. Miller 2001-06-15 10:15:59 MDT 
Yes, the sudo lexer needs some work to become more stateful.  There is no easy fix at this point.
Comment 2 Todd C. Miller 2001-12-12 19:25:59 MST 
This will be fixed in sudo 1.6.4 which uses exclusive states in the lexer when tokenizing
command line args.