Hi,
> you are prompted for password because (ALL) ALL rule is applied because of > last-match rule. > > > See: > http://www.sudo.ws/man/1.8.13/sudoers.ldap.man.html sudoOrder. Ok. I updated the rules to use a sudoorder attribute of 100 for the /usr/bin/less sudo rule. Now, if I type in a terminal: %sudo -l Matching Defaults entries for karl on midgard: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin User karl may run the following commands on xxxx: (ALL) ALL (root) NOPASSWD: /usr/bin/git status, /usr/local/bin/git status (ALL) ALL (ALL) NOPASSWD: /usr/bin/less so my less rule is the last one. So far so good. %sudo -l less /usr/bin/less but if I type in a new terminal: %sudo less .bashrc [sudo] password for karl: I am prompted to type in a password. So there seems to be a problem, right ? Regards, Karl -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
