[Bug 1591137] Re: sudo ignores shortname aliases in sudoers file

Mon, 06 Mar 2017 12:35:34 -0800 

We are experiencing the same symptoms with sudo (v1.8.16) as have been 
previously reported in this bug.
 
On an Ubuntu 16.04 system short hostnames don't work in the sudoers file when 
the 'fqdn' option is true (as it is by default). The documentation indicates 
that the short form should still work with the fqdn option set.
 
Steps to reproduce:
 
On a system called 'ubuntu1604.example.com', put the following into sudoers:
 
%john ubuntu1604=(root) NOPASSWD: /bin/true
%john ubuntu1604.example.com=(root) NOPASSWD: /bin/false
 
Expected outcome:
 
sudo -l shows user 'john' is allowed to run:
 
    (root) /bin/true
    (root) /bin/false
 
Actual outcome:
 
sudo -l shows user 'john' is allowed to run:
 
    (root) /bin/false
 
sudo -l -U john -h ubuntu1604 shows user 'john' is allowed to run:
 
    (root) /bin/false
 
sudo -l -U test -h ubuntu1604.example.com shows user 'john' is allowed to run:
 
    (root) /bin/true
    (root) /bin/false


------
Sudo version 1.8.16
Configure options: --prefix=/usr -v --with-all-insults --with-pam --with-fqdn 
--with-logging=syslog --with-logfac=authpriv --with-env-editor 
--with-editor=/usr/bin/editor --with-exampledir=/usr/share/doc/sudo/examples 
--with-timeout=15 --with-password-timeout=0 --with-passprompt=[sudo] password 
for %p:  --without-lecture --with-tty-tickets --disable-root-mailer 
--enable-admin-flag --with-sendmail=/usr/sbin/sendmail 
--with-rundir=/var/run/sudo --mandir=/usr/share/man --libexecdir=/usr/lib/sudo 
--with-sssd --with-sssd-lib=/usr/lib/x86_64-linux-gnu --with-selinux 
--with-linux-audit
Sudoers policy plugin version 1.8.16

---------

root@bs-ubuntu1604:~# uname -a
Linux bs-ubuntu1604 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 
2017 x86_64 x86_64 x86_64 GNU/Linux

---------

root@bs-ubuntu1604:~# cat /etc/hosts
127.0.0.1       localhost
127.0.1.1       bs-ubuntu1604.ethz.ch   bs-ubuntu1604

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@bs-ubuntu1604:~# hostname
bs-ubuntu1604

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1591137

Title:
  sudo ignores shortname aliases in sudoers file

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1591137/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to