sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:".

linux-config.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Kent Ho <garlumh@hotmail.com>
To: linux-admin@vger.kernel.org, linux-apps@vger.kernel.org,
	linux-config@vger.kernel.org
Subject: sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:".
Date: Tue, 5 Jan 2010 17:08:37 +0800	[thread overview]
Message-ID: <SNT117-W47066EC16DA8C3B6421C8BA7730@phx.gbl> (raw)

Hi All,

I'm experiencing a problem with sudo.

sudo selectively execute file in a directory, * wildcard on dir set with "(ALL)
NOPASSWD:".

I created a script called "script1.sh" in a directory.   When I execute this
script with sudo, it ask me for password which not suppose to happen.  I break
out with ctrl+c.

I then copy script1.sh to a new file in the same directory as "script2.sh".
Now I execute "script1.sh" again with sudo, now it will execute.

There is no change on script1.sh, All I done is created a new file in the
directory.  But now sudo do not ask me password any more.

At this point I can execute both scripts with sudo with no password.  Which is
normal.

Now I delete "script2.sh".  Now the directory has only 1 file again
"script1.sh".  I execute script1.sh now it will ask me for password again.

All executable file should be executable regardless, I don't know why this is
happening.  Number of files in directory affects sudo?

Version-Release number of selected component (if applicable):
[mdrop@c-in3sf--02-04 bin]$ rpm -qa | grep sudo
sudo-1.6.9p17-5.el5

How reproducible:
Everytime.

Steps to Reproduce:
Here is the command sequence from the terminal:
===============================================
[mdrop@c-in3sf--02-04 bin]$ pwd
/usr/local/site/operations/dsh/bin
[mdrop@c-in3sf--02-04 bin]$ sudo -l | grep dsh
    (ALL) NOPASSWD: /usr/local/site/mailscripts/spf/bin/*,
/usr/local/site/mailscripts/ws/bin/*, /usr/local/site/operations/dsh/bin/*,
/usr/local/site/operations/bin/*
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 0
[mdrop@c-in3sf--02-04 bin]$ echo "echo test123"> script1.sh ; chmod +x
script1.sh
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 4
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh 
Password: 
[mdrop@c-in3sf--02-04 bin]$ cp script1.sh script2.sh 
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 8
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script2.sh
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh 
test123
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script2.sh 
test123
[mdrop@c-in3sf--02-04 bin]$ rm script2.sh 
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 4
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh 
Password: 
[mdrop@c-in3sf--02-04 bin]$ 
============================================================

Actual results:
$ sudo /usr/local/site/operations/dsh/bin/script1.sh 
Password: 

Expected results:
$ sudo /usr/local/site/operations/dsh/bin/script1.sh 
test123

What could have caused this?

Any help is highly appreciated.

Thanks.

Garlum.

_________________________________________________________________
Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010--
To unsubscribe from this list: send the line "unsubscribe linux-apps" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

next             reply	other threads:[~2010-01-05  9:08 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-01-05  9:08 Kent Ho [this message]
2010-01-05 16:08 ` sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:" Aaron C. de Bruyn
     [not found] ` <4B43101A.7040807@direkt.ro>
2010-01-11  9:41   ` Kent Ho

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=SNT117-W47066EC16DA8C3B6421C8BA7730@phx.gbl \
    --to=garlumh@hotmail.com \
    --cc=linux-admin@vger.kernel.org \
    --cc=linux-apps@vger.kernel.org \
    --cc=linux-config@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).