Hi there We have a strange problem.......
We're trying to override options in sudo rules from IPA, in this case secure_path: sudo -ll reports: RunAsUsers: root Options: requiretty, lecture=always, timestamp_timeout=0, !authenticate, secure_path=/bin:/usr/bin:/usr/local/bin Commands: stopinst /usr/local/bin/stopinst /usr/local/bin/startinst /bin/mount /rman /usr/bin/su - root /usr/local/bin is also in my local path: $ echo $PATH /usr/local/bin:/usr/bin:/usr/local/sbin.......... For easyness, stopinst is currently quite simple: $ cat /usr/local/bin/stopinst #!/bin/bash echo stopinst echo "Path: $PATH" I can execute the script a normal user, using full path or just the command: $ stopinst stopinst Path: /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/net.dr.dk/drextrha/.local/bin:/home/net.dr.dk/drextrha/bin However, trying to execute the script using sudo fails: $ sudo stopinst [sudo] password for drextrha: sudo: stopinst: command not found Unless using full path: $ sudo /usr/local/bin/stopinst stopinst Path: /bin:/usr/bin:/usr/local/bin Secure path in sudoers is: # grep secure_path /etc/sudoers Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin If I change the secure_path in local sudoers to include /usr/local/bin: # grep secure_path /etc/sudoers Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin I can execute the command using sudo: $ sudo stopinst stopinst Path: /bin:/usr/bin:/usr/local/bin Soooo...... something gets overwritten somewhere that shouldn't???
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
