[Eug-lug] Sudoers question

[Martin Kelly]

That line worked... thanks :).

Allen Brown wrote:
> Michael Miller wrote:
>> I advise you to read the man pages for your distribution.  You there
>> may be a sudoers group setup that you may need to be in.
>>
>> -Miller
> 
> I have found sudo to be essential, but a PITA.  (See first defn)
> http://www.acronymfinder.com/af-query.asp?Acronym=PITA&Find=Find&String=exact
> 
> The main problem I have with sudo is it's error checking.  Basically
> there is only one error message: syntax error.  Missing punctuation?
> Syntax error.  Failed to define a symbol?  Syntax error.
> I've spent hours finding an error which would have been trivial
> with a better error report.  Granted, writing good error messages
> is not trivial.  But the author of sudo didn't even try.
> 
> Another complication is that if your sudo is configured to give
> passwordless validation for 5 minutes after you have validated
> once, it becomes hard to know if you have your configuration
> working correctly.
> 
> In any case, here is a copy of my sudoers file.
> # ========= Runas alias specification =========
> Runas_Alias AS_ROOT=root
> 
> # ========= Cmnd alias specification =========
> Cmnd_Alias UNRESTRICTEDCOMMAND=\
>         /usr/local/sbin/networklog,\
>         /usr/bin/apm --suspend,\
>         /usr/bin/updatedb
> 
> # ========= Defaults =========
> 
> Defaults	!lecture,tty_tickets,!fqdn
> 
> # ========= User privilege specification =========
> root	ALL=(ALL) ALL
> 
> # Members of the admin group may gain root privileges
> %admin ALL=(ALL) ALL
> 
> ALL     ALL=(AS_ROOT) NOPASSWD: UNRESTRICTEDCOMMAND
> 
> This is not exactly what you asked for, but it should be
> close.  I have given unrestricted access to a few
> commands.  You may want to restrict such access to only
> yourself.
> 
> And your current line
>   martin ALL = (ALL) ALL
> is fine and would probably be used in place of my line
>   %admin ALL=(ALL) ALL
> which I inherited from my Ubuntu install.