[Bug 719356] Re: visudo doesn’t handle includedir apparently
Stephen Warren
swarren at wwwdotorg.org
Wed Jun 8 03:05:46 UTC 2011
I believe the syntax in the /etc/sudoers file is "#includedir
/etc/sudoers.d" not "includedir /etc/sudoers.d", i.e. you do need the
leading # character; the visudo syntax error message when you omit it is
correct. See `man sudoers`.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/719356
Title:
visudo doesn’t handle includedir apparently
Status in “sudo” package in Ubuntu:
New
Bug description:
Binary package hint: sudo
Hello! I noticed that recently a new “/etc/sudoers.d” directory was
added, as well as the “/etc/sudoers.dpkg-dist” file. A comment in the
latter encourages me to put any modifications to “/etc/sudoers” in a
separate file inside the new directory, and use the “includedir”
directive to use it. It also insists that all modifications to
“/etc/sudoers” be done with “visudo”.
I tried doing this without success. I used “visudo -f” to create a
file containing my customizations in “/etc/sudoers.d”, and it worked
(at least I didn’t get any complaints).
Then I tried to replace my old “/etc/sudoers” with the version left by
dpkg, except uncommenting the “includedir” directive. I did this using
visudo, but it complains with “/etc/sudoers: syntax error near line
25” (that’s the line with “includedir” if counting from 0, or the
blank line immediately before it if counting from 1).
I think this means that “visudo” doesn’t understand “includedir”,
which is probably a bug.
The files I tried to use are pasted below. (My current “/etc/sudoers”
is practically the same thing: the alias specifications are below the
“# Cmnd alias specification” comment, and the “bogdanb” line is where
the “includedir” directive would be.)
* * * /etc/sudoers * * *
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
#includedir /etc/sudoers.d
* * * /etc/sudoers.d/bogdanb * * *
Cmnd_Alias MOUNT = /bin/mount, /bin/umount
Cmnd_Alias VIEW = /bin/cat, /bin/ls
Cmnd_Alias OTHER = /sbin/shutdown, /sbin/reboot, /sbin/halt
Cmnd_Alias PAGERS = /bin/more, /usr/bin/less
Cmnd_Alias APT = /usr/bin/aptitude update, /usr/bin/aptitude dist-upgrade, /usr/bin/aptitude safe-upgrade, /usr/bin/aptitude upgrade
bogdanb ALL =(ALL) ALL, NOPASSWD: MOUNT, VIEW, OTHER, PAGERS, APT
Cmnd_Alias MOUNT = /bin/mount, /bin/umount
Cmnd_Alias VIEW = /bin/cat, /bin/ls
Cmnd_Alias OTHER = /sbin/shutdown, /sbin/reboot, /sbin/halt
Cmnd_Alias PAGERS = /bin/more, /usr/bin/less
Cmnd_Alias APT = /usr/bin/aptitude update, /usr/bin/aptitude dist-upgrade, /usr/bin/aptitude safe-upgrade, /usr/bin/aptitude upgrade
bogdanb ALL =(ALL) ALL, NOPASSWD: MOUNT, VIEW, OTHER, PAGERS, APT
********************************
bogdanb at mabelode:/etc/sudoers.d$ ls -la
total 16
drwxr-xr-x 2 root root 96 2011-02-15 14:41 ./
drwxr-xr-x 177 root root 8608 2011-02-15 14:46 ../
-r--r----- 1 root root 395 2011-02-15 14:41 bogdanb
-r--r----- 1 root root 819 2010-02-09 03:19 README
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: sudo 1.7.4p4-5ubuntu4
ProcVersionSignature: Ubuntu 2.6.38-3.30-generic 2.6.38-rc4
Uname: Linux 2.6.38-3-generic x86_64
Architecture: amd64
Date: Tue Feb 15 14:47:03 2011
EcryptfsInUse: Yes
ProcEnviron:
LANGUAGE=en_US:en
PATH=(custom, user)
LANG=en_US.UTF-8
LC_MESSAGES=en_US.utf8
SHELL=/bin/bash
SourcePackage: sudo
VisudoCheck: /etc/sudoers: parsed OK
More information about the foundations-bugs
mailing list