RE: sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:".

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Removing * after / fixed the problem.

Thanks Dany.

________________________________
> Date: Tue, 5 Jan 2010 12:10:34 +0200
> From: danyd@xxxxxxxxx
> To: garlumh@xxxxxxxxxxx
> Subject: Re: sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:".
>
>
>
>
>
>
>
>
>
> On 05.01.2010 11:08, Kent Ho wrote:
>
>
> Hi All,
>
> I'm experiencing a problem with sudo.
>
> sudo selectively execute file in a directory, * wildcard on dir set with "(ALL)
> NOPASSWD:".
>
> I created a script called "script1.sh" in a directory. When I execute this
> script with sudo, it ask me for password which not suppose to happen. I break
> out with ctrl+c.
>
> I then copy script1.sh to a new file in the same directory as "script2.sh".
> Now I execute "script1.sh" again with sudo, now it will execute.
>
> There is no change on script1.sh, All I done is created a new file in the
> directory. But now sudo do not ask me password any more.
>
> At this point I can execute both scripts with sudo with no password. Which is
> normal.
>
> Now I delete "script2.sh". Now the directory has only 1 file again
> "script1.sh". I execute script1.sh now it will ask me for password again.
>
> All executable file should be executable regardless, I don't know why this is
> happening. Number of files in directory affects sudo?
>
>
> Version-Release number of selected component (if applicable):
> [mdrop@c-in3sf--02-04 bin]$ rpm -qa | grep sudo
> sudo-1.6.9p17-5.el5
>
> How reproducible:
> Everytime.
>
> Steps to Reproduce:
> Here is the command sequence from the terminal:
> ===============================================
> [mdrop@c-in3sf--02-04 bin]$ pwd
> /usr/local/site/operations/dsh/bin
> [mdrop@c-in3sf--02-04 bin]$ sudo -l | grep dsh
> (ALL) NOPASSWD: /usr/local/site/mailscripts/spf/bin/*,
> /usr/local/site/mailscripts/ws/bin/*, /usr/local/site/operations/dsh/bin/,
>
>
>
> try this with no * after /
>
>
>
> /usr/local/site/operations/bin/*
> [mdrop@c-in3sf--02-04 bin]$ ls -l
> total 0
> [mdrop@c-in3sf--02-04 bin]$ echo "echo test123"> script1.sh ; chmod +x
> script1.sh
> [mdrop@c-in3sf--02-04 bin]$ ls -l
> total 4
> -rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
> [mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh
> Password:
> [mdrop@c-in3sf--02-04 bin]$ cp script1.sh script2.sh
> [mdrop@c-in3sf--02-04 bin]$ ls -l
> total 8
> -rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
> -rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script2.sh
> [mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh
> test123
> [mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script2.sh
> test123
> [mdrop@c-in3sf--02-04 bin]$ rm script2.sh
> [mdrop@c-in3sf--02-04 bin]$ ls -l
> total 4
> -rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
> [mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh
> Password:
> [mdrop@c-in3sf--02-04 bin]$
> ============================================================
>
> Actual results:
> $ sudo /usr/local/site/operations/dsh/bin/script1.sh
> Password:
>
> Expected results:
> $ sudo /usr/local/site/operations/dsh/bin/script1.sh
> test123
>
> What could have caused this?
>
> Any help is highly appreciated.
>
> Thanks.
>
> Garlum.
>
> _________________________________________________________________
> Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you.
> http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010--
> To unsubscribe from this list: send the line "unsubscribe linux-config" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
>
> read up in your content...
>
> hope will work...
>
>
>
> Regards,
>
> Dany
 		 	   		  
_________________________________________________________________
Windows Live Hotmail: Your friends can get your Facebook updates, right from Hotmail®.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_4:092009--
To unsubscribe from this list: send the line "unsubscribe linux-config" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Audio]     [Linux Console]     [Hams]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Samba]     [Fedora Users]

  Powered by Linux