Bugzilla – Bug 1
One cannot specify a user id for a User_Alias
Last modified: 2001-12-17 20:36:38 MST
The documentation defines the following non-terminal: User ::= '!'* username | '!'* '#'uid | ... which implies that you can use the comment character to specify a user id instead of a user name. Later on in the documentation: The pound sign ('#') is used to indicate a comment (unless it occurs in the context of a user name and is followed by one or more digits, in which case it is treated as a uid). However, it looks like the lexer throws away any text from '#' to $. Which means the following is an invalid assignment according to visudo: User_Alias FOO #500 FOO ALL=/bin/ls # error at this line for undefined User_Alias I have made a local modification to fix this. First, The user must escape the comment character: User_Alias FOO \#500 Then I have made a change in the parser (parse.yacc) in the WORD production, at line 775: if (strcmp($1, user_name) == 0) $$ = TRUE; + else if ($1[0] == '#' && atoi($1 + 1) == user_uid) + $$ = TRUE; else $$ = -1; free($1);
I will probably fix this directly in the lexer. In retrospect, using #XXXX as the syntax for a uid was a bad idea due to the ambiguity is causes in the parser.
User_Aliases are not supposed to be able to contain uids. The sudoers man page will be corrected in sudo 1.6.4.