Red Hat Bugzilla – Bug 856901
Defauts:!<user> syntax in sudoers doesn't seem to work as expected
Last modified: 2015-03-02 00:27:09 EST
Description of problem:
!<user> shout match to all users different from <user> but it doesn't seem to work and this patters seem to be ignored
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. add test user
2. update sudoers with:
user ALL=(ALL) NOPASSWD: ALL
Defaults !requiretty # actually not necessary, this is the default
Defaults:!root requiretty # require tty for all non-root users
3. login as test user and add this into user's crontab (crontab -e)
* * * * * /usr/bin/sudo id &> /tmp/id
every minute /tmp/id is updated with the output od the "id" command. This is not correct because cron jobs don't have tty and therefore we should see just the message similar to "sorry, you need tty"
Same situation on RHEL5 with sudo-1.7.2p1-21.el5
Thank you. Maybe we can keep this bug open as a request for adding such an explanation into RH shipped sudo.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Created attachment 784769 [details]
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.