Am 02/17/15 um 23:47 schrieb Gene: > On Tue, Feb 17, 2015 at 2:40 PM, Stefan Wollny <stefan.wol...@web.de> wrote: > >> Am 02/17/15 um 23:25 schrieb Gene: >>> That is not the extent of the sudo settings. You have to look at the >>> sudoers file to check whether the env settings are kept or not. >> >> ??? >> Sorry - it was a looong day: What _exactly_ do I have to look at? That line >>>> %wheel ALL=(ALL) NOPASSWD: SETENV: ALL >> was right from the sudoers-file. >> >> > Look at the entire sudoers file, not just one line. Specifically look for > env_reset and env_keep. >
Well: It is the standard OpenBSD-sudoers-file with exactly this one line adjusted. Nevertheless: Here is the entire file: # $OpenBSD: sudoers,v 1.28 2014/04/08 13:26:28 espie Exp $ # # sudoers file. # # This file MUST be edited with the 'visudo' command as root. # Failure to use 'visudo' may result in syntax or file permission errors # that prevent sudo from running. # # See the sudoers man page for the details on how to write a sudoers file. # # Host alias specification # User alias specification # Cmnd alias specification # Defaults specification Defaults env_keep +="FTPMODE PKG_CACHE PKG_PATH SM_PATH SSH_AUTH_SOCK" # Non-exhaustive list of variables needed to build release(8) and ports(7) Defaults:%wsrc env_keep +="DESTDIR DISTDIR FETCH_CMD FLAVOR GROUP MAKE MAKECONF" Defaults:%wsrc env_keep +="MULTI_PACKAGES NOMAN OKAY_FILES OWNER PKG_DBDIR" Defaults:%wsrc env_keep +="PKG_DESTDIR PKG_TMPDIR PORTSDIR RELEASEDIR SHARED_ONLY" Defaults:%wsrc env_keep +="SUBPACKAGE WRKOBJDIR SUDO_PORT_V1" # Uncomment to preserve the default proxy host variable #Defaults env_keep +="ftp_proxy http_proxy" # Uncomment to disable the lecture the first time you run sudo #Defaults !lecture # Uncomment to preserve the environment for users in group wheel #Defaults:%wheel !env_reset # Runas alias specification # User privilege specification root ALL=(ALL) SETENV: ALL # Uncomment to allow people in group wheel to run all commands # and set environment variables. # %wheel ALL=(ALL) SETENV: ALL # Same thing without a password %wheel ALL=(ALL) NOPASSWD: SETENV: ALL # Samples # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom # %users localhost=/sbin/shutdown -h now
