OOOOOOOOOOOO now I see said the blind man. I was hoping to make it very,very simple Mace
--- On Thu, 9/25/08, Scott Rohling <[EMAIL PROTECTED]> wrote: > From: Scott Rohling <[EMAIL PROTECTED]> > Subject: Re: question about sudo > To: [email protected] > Date: Thursday, September 25, 2008, 11:33 AM > Ah - well - the alias isn't for the 'sudo' > command itself -- it's just for > sudoers... The alias will resolve into the list of > commands -- you don't > actually get to use it on the command line. It's just > a vehicle to help > you code sudoers more efficiently - not to provide an alias > when you issue > commands. Make sense? > > Scott Rohling > > On Thu, Sep 25, 2008 at 9:22 AM, LJ Mace > <[EMAIL PROTECTED]> wrote: > > > But when I sudo SHUTL2 I get: > > sudo: SHUTL2: command not found > > Mace > > > > > > --- On Thu, 9/25/08, Scott Rohling > <[EMAIL PROTECTED]> wrote: > > > > > From: Scott Rohling > <[EMAIL PROTECTED]> > > > Subject: Re: question about sudo > > > To: [email protected] > > > Date: Thursday, September 25, 2008, 11:06 AM > > > Isn't that what you want to see? The > resolution of all > > > the aliases and the > > > final result? That's what I'd want to > see - > > > sanity check to make sure the > > > aliases are resolving... And in this case it > looks like > > > SHUTL2 is > > > resolving but CMSDOWN is not.. > > > > > > Scott Rohling > > > > > > (resending -- for some reason my reply just went > directly > > > to ljmace the > > > first time) > > > > > > On Thu, Sep 25, 2008 at 8:53 AM, LJ Mace > > > <[EMAIL PROTECTED]> wrote: > > > > > > > (rant on)I am trying to protect the system > from an > > > incompetent manager > > > > making a bad decision about an operator(rant > off). > > > > Anyway so the operator doen't have to > log into > > > root I'm trying to setup > > > > sudo to perform several commands. > > > > To shorten the keying I have setup cmnd > alias ,but > > > when I try to execute > > > > the alias i get command not found. > > > > So here is my sudo file: > > > > Host_Alias IMAGE1 = xx.xx.xx.xxx > > > > # User alias specification > > > > User_Alias IMAGEUSR1= oper1 > > > > # Cmnd alias specification > > > > Cmnd_Alias SHUTL2 = /sbin/shutdown -r 0 > > > > Cmnd_Alias CMSDOWN = > /opt/scripts/cmsshutdown.sh > > > > # Defaults specification > > > > Defaults targetpw,insults # ask for the > password of > > > the target user i.e. > > > > root > > > > %users ALL=(ALL) ALL # WARNING! Only use > this together > > > with 'Defaults > > > > targetpw'! > > > > > > > > # User privilege specification > > > > # You should not use sudo as root in an > SELinux > > > environment > > > > # If you use SELinux, remove the following > line > > > > root ALL=(ALL) ALL > > > > oper1 ALL=/sbin/shutdown -h > now,!/usr/bin/passwd root, > > > !/bin/rm, \ > > > > SHUTL2, CMSDOWN > > > > # Uncomment to allow people in group wheel > to run all > > > commands > > > > # %wheel ALL=(ALL) ALL > > > > > > > > # Same thing without a password > > > > # %wheel ALL=(ALL) NOPASSWD: > ALL > > > > > > > > I've done the sudo -K to bring in the > changes but > > > when I do a > > > > sudo -l I get: > > > > > > > > User oper1 may run the following commands on > this > > > host: > > > > (ALL) ALL > > > > (root) /sbin/shutdown -h now > > > > (root) !/usr/bin/passwd root > > > > (root) !/bin/rm > > > > (root) /sbin/shutdown -r 0 > > > > Why is it showing the commands and not the > alias? > > > > thanks > > > > Mace > > > > > > > > > > > > ---------------------------------------------------------------------- > > > > For LINUX-390 subscribe / signoff / archive > access > > > instructions, > > > > send email to [EMAIL PROTECTED] with > the message: > > > INFO LINUX-390 or > > > > visit > > > > > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > > > > > > > > > > ---------------------------------------------------------------------- > > > For LINUX-390 subscribe / signoff / archive > access > > > instructions, > > > send email to [EMAIL PROTECTED] with the > message: INFO > > > LINUX-390 or visit > > > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > > > > ---------------------------------------------------------------------- > > For LINUX-390 subscribe / signoff / archive access > instructions, > > send email to [EMAIL PROTECTED] with the message: > INFO LINUX-390 or > > visit > > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access > instructions, > send email to [EMAIL PROTECTED] with the message: INFO > LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
