Control: tag -1 + confirmed pending Hi Christoph,
thanks for this bug report. Christoph Berg wrote: > The latest sudo version triggers this warning: > > # sudo -l > /etc/sudoers.d/xymon:12:12: Syntax-Fehler > xymon ALL=(list) SETENV:NOPASSWD: /usr/lib/xymon/client/ext/mailman > ^~~~ I wonder what exactly is the syntax error here. > Removing that line makes the problem go away. On a first glance this seems to happen if Mailman (for which the list user is) is not installed, but sudo is installed. But then again, the user list seems on all my boxes. And for the line before that, it doesn't argue about the user backuppc which surely doesn't exist on most systems. Then again, this line is untouched since 2012 when we switched the user from hobbit to xymon, i.e. the position where the syntax error is claimed is even older. So I wonder: Did sudo's syntax change? And yes, it did. It seems to have introduced a "list" keyword: 2022-12-26 […] Bump SUDOERS_GRAMMAR_VERSION to 50 for the new list pseudo-command. 🤬 eems to have been introduced in Testing yesterday with the migration of sudo 1.9.13p1-1. And indeed, if I change "list" to e.g. "listx", the error goes away. > We should fix that for bookworm. Ack. So the question is how to fix it. The man page reads: A user name, user-ID, group, group-ID, netgroup, nonunix_group or nonunix_gid may be enclosed in double quotes to avoid the need for escaping special characters. I guess this probably also counts for keywords. Let's see and use double quotes around "list" (sic!): Yep, changing it to xymon ALL=("list") SETENV:NOPASSWD: /usr/lib/xymon/client/ext/mailman will make the error go away. Will prepare an upload. Regards, Axel -- ,''`. | Axel Beckert <a...@debian.org>, https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE