On Sun, Feb 15, 2009 at 1:23 AM, Casey Dahlin <cdahlin@xxxxxxxxxx> wrote:
Sorry, I posted to the wrong list. My intention was to post to the user list,
but gmail auto completed the address, and I did not pay attention.
I fixed my problem, but I do not know why the first rule just gives an unrestricted
access (all vboxusers can run any command as root),
while the second one works the way I wanted. They look the same to me:
------
%vboxusers ALL=/home/roma/bin/brup2.sh, /home/roma/bin/brdown.sh, NOPASSWD: ALL
------
## Allows members of the vboxusers group to set some network parameters
Cmnd_Alias VBOXCMD = /home/roma/bin/brup2.sh, /home/roma/bin/brdown.sh
Runas_Alias VBOXCMD = root
%vboxusers ALL=NOPASSWD: VBOXCMD
This is a development list. It isn't the venue for these sorts of questions. Try fedora-list.Paulo Cavalcanti wrote:
Hi,
I removed two users from group wheel in F10,
but they still have super user privileges, via sudo.
I have even rebooted the box.
--
Paulo Roma Cavalcanti
LCG - UFRJ
Since you're here though...
the wheel group has nothing to do with sudo access (necessarily). Check /etc/sudoers to see how your policy is configured.
Sorry, I posted to the wrong list. My intention was to post to the user list,
but gmail auto completed the address, and I did not pay attention.
I fixed my problem, but I do not know why the first rule just gives an unrestricted
access (all vboxusers can run any command as root),
while the second one works the way I wanted. They look the same to me:
------
%vboxusers ALL=/home/roma/bin/brup2.sh, /home/roma/bin/brdown.sh, NOPASSWD: ALL
------
## Allows members of the vboxusers group to set some network parameters
Cmnd_Alias VBOXCMD = /home/roma/bin/brup2.sh, /home/roma/bin/brdown.sh
Runas_Alias VBOXCMD = root
%vboxusers ALL=NOPASSWD: VBOXCMD
--
Paulo Roma Cavalcanti
LCG - UFRJ
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
