A user alias would be used just as a userid would be used. The %name notation denotes a group name, not a user name. Therefore %wheel grants access to people in the group wheel, where OPERGRP would be a user list, and would be the same as a list, such as oper01,oper02,oper03.
-- Robert P. Nix Mayo Foundation RO-OC-1-13 200 First Street SW 507-284-0844 Rochester, MN 55905 ----- "In theory, theory and practice are the same, but in practice, theory and practice are different." -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Post, Mark K Sent: Friday, May 26, 2006 1:32 PM To: [email protected] Subject: Re: Help with the sudoer file According to your first email, these are the entries you added: User_Alias OPERGRP = Oper01 Oper01 ALL=(ALL) ALL,!/usr/bin/passwd root %OPERGRP ALL=(ALL ALL The %OPERGRP doesn't look right. You've already defined that as an alias. Just do OPERGRP ALL=(ALL) ALL and see if that works better. Also, if you're going to define the OPERGRP alias, why not use it for the first entry as well? OPERGRP ALL=(ALL) ALL,!/usr/bin/passwd root Mark Post -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of LJ Mace Sent: Friday, May 26, 2006 2:22 PM To: [email protected] Subject: Re: Help with the sudoer file Mark, Thank you for the quick reply. I tried it again with the operators password and I got "sorry try again" and when I entered the root password it took off. What am I goofing up?? thanks Mace "Post, Mark K" <[EMAIL PROTECTED]> wrote: The password that sudo requests is the password of the user issuing the sudo command. So, if Oper01 issues the sudo command, it will be prompted for the Oper01 password. You can use the nopasswd option on any sudoers entry, but it's not really recommended. Mark Post -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of LJ Mace Sent: Friday, May 26, 2006 1:59 PM To: [email protected] Subject: Re: Help with the sudoer file Thank you that worked great. Now I have 1 more question. After I enter the command it asks for the password, I have to reply with the root password. Besides not authenticating(which I guess would be NOT having to enter a password) is there anyother way to do this?? thanks Mace ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
