|
Bugzilla – Full Text Bug Listing |
| Summary: | full path sudoedit command alias in sudoers will always lead to "not allowed to execute 'sudoedit'" error message | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Amos <amos.wai> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | ||
| Priority: | low | ||
| Version: | 1.7.2 | ||
| Hardware: | HP | ||
| OS: | Linux | ||
sudoedit is just another way of saying "sudo -e". It is an internal command which is why you need to specify it without the path. |
Hi, With the following full path sudoedit definition in sudoers file: Cmnd_Alias CMDS_SUDOEDIT=/usr/bin/sudoedit /opt/tmp/something.txt +usergroup ALL=(root) CMDS_SUDOEDIT We always get this: -bash-3.2$ /usr/bin/sudoedit /opt/tmp/something.txt [sudo] password for user1: Sorry, user user1 is not allowed to execute 'sudoedit /opt/tmp/something.txt' as root on server1. The sudo.log is always telling me: Feb 20 17:20:49 : user1: command not allowed ; TTY=pts/0 ; PWD=/home/user1; USER=root ; COMMAND=sudoedit /opt/tmp/something.txt However, if I change "/usr/bin/sudoedit" to "sudoedit", it works just fine. Or granting user1 in netgroup root_usergroup also works (i.e. +root_usergroup ALL=ALL in sudoers) Thanks and appreciate your help. Regards, Amos