From: Kent Ho <garlumh@hotmail.com>
To: linux-admin@vger.kernel.org, linux-apps@vger.kernel.org,
linux-config@vger.kernel.org
Subject: sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:".
Date: Tue, 5 Jan 2010 17:08:37 +0800 [thread overview]
Message-ID: <SNT117-W47066EC16DA8C3B6421C8BA7730@phx.gbl> (raw)
Hi All,
I'm experiencing a problem with sudo.
sudo selectively execute file in a directory, * wildcard on dir set with "(ALL)
NOPASSWD:".
I created a script called "script1.sh" in a directory. When I execute this
script with sudo, it ask me for password which not suppose to happen. I break
out with ctrl+c.
I then copy script1.sh to a new file in the same directory as "script2.sh".
Now I execute "script1.sh" again with sudo, now it will execute.
There is no change on script1.sh, All I done is created a new file in the
directory. But now sudo do not ask me password any more.
At this point I can execute both scripts with sudo with no password. Which is
normal.
Now I delete "script2.sh". Now the directory has only 1 file again
"script1.sh". I execute script1.sh now it will ask me for password again.
All executable file should be executable regardless, I don't know why this is
happening. Number of files in directory affects sudo?
Version-Release number of selected component (if applicable):
[mdrop@c-in3sf--02-04 bin]$ rpm -qa | grep sudo
sudo-1.6.9p17-5.el5
How reproducible:
Everytime.
Steps to Reproduce:
Here is the command sequence from the terminal:
===============================================
[mdrop@c-in3sf--02-04 bin]$ pwd
/usr/local/site/operations/dsh/bin
[mdrop@c-in3sf--02-04 bin]$ sudo -l | grep dsh
(ALL) NOPASSWD: /usr/local/site/mailscripts/spf/bin/*,
/usr/local/site/mailscripts/ws/bin/*, /usr/local/site/operations/dsh/bin/*,
/usr/local/site/operations/bin/*
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 0
[mdrop@c-in3sf--02-04 bin]$ echo "echo test123"> script1.sh ; chmod +x
script1.sh
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 4
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh
Password:
[mdrop@c-in3sf--02-04 bin]$ cp script1.sh script2.sh
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 8
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script2.sh
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh
test123
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script2.sh
test123
[mdrop@c-in3sf--02-04 bin]$ rm script2.sh
[mdrop@c-in3sf--02-04 bin]$ ls -l
total 4
-rwx------ 1 mdrop mdrop 13 Dec 30 07:04 script1.sh
[mdrop@c-in3sf--02-04 bin]$ sudo /usr/local/site/operations/dsh/bin/script1.sh
Password:
[mdrop@c-in3sf--02-04 bin]$
============================================================
Actual results:
$ sudo /usr/local/site/operations/dsh/bin/script1.sh
Password:
Expected results:
$ sudo /usr/local/site/operations/dsh/bin/script1.sh
test123
What could have caused this?
Any help is highly appreciated.
Thanks.
Garlum.
_________________________________________________________________
Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010--
To unsubscribe from this list: send the line "unsubscribe linux-apps" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2010-01-05 9:08 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-05 9:08 Kent Ho [this message]
2010-01-05 16:08 ` sudo selectively execute file, * wildcard on dir set with "(ALL) NOPASSWD:" Aaron C. de Bruyn
[not found] ` <4B43101A.7040807@direkt.ro>
2010-01-11 9:41 ` Kent Ho
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SNT117-W47066EC16DA8C3B6421C8BA7730@phx.gbl \
--to=garlumh@hotmail.com \
--cc=linux-admin@vger.kernel.org \
--cc=linux-apps@vger.kernel.org \
--cc=linux-config@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).