Open Source Development

Power Open Source Development

Explore the open source tools and capabilities for building and deploying modern applications on IBM Power platforms including AIX, IBM i, and Linux.


#Power


#Power

 View Only

  • 1.  sudo - not able to disable sudoedit

    Posted Fri February 18, 2022 02:36 AM
    Trying to prevent user from editing sudoers once they have root privilege. The same syntax working on linux but error outs on AIX.

    [root@tpolaunix0002d:/nfs/infra/aix/bin]# visudo
    /etc/sudoers:111:113: sudoedit should not be specified with a path
    %odin_cnsdDEVapp_a ALL=(root) NOPASSWD: NOEXEC: ALL,!/usr/bin/passwd *,!/usr/sbin/shutdown *,!/sbin/shutdown *,!/bin/sudoedit /etc/sudoers.d/*,!/bin/sudoedit /etc/sudoers
    ^~~~~~~~~~~~~
    /etc/sudoers:111:145: sudoedit should not be specified with a path
    %odin_cnsdDEVapp_a ALL=(root) NOPASSWD: NOEXEC: ALL,!/usr/bin/passwd *,!/usr/sbin/shutdown *,!/sbin/shutdown *,!/bin/sudoedit /etc/sudoers.d/*,!/bin/sudoedit /etc/sudoers
    ^~~~~~~~~~~~~
    What now?

    # lslpp -Lcq sudo.rte
    sudo:sudo.rte:1.9.8.2: : :C: :Configurable super-user privileges runtime: : : : : : :0:0:/:

    ------------------------------
    Santhosh Padiyath
    ------------------------------

    #AIXOpenSource


  • 2.  RE: sudo - not able to disable sudoedit

    Posted Fri February 18, 2022 03:25 AM

    From sudo 1.9.X , onwards , in visudo , a fully-qualified path for sudoedit is now treated as error. 
    https://github.com/sudo-project/sudo/commit/635445d4714b0de19b56957ece3767a15800b62f

    The sudo version you have in linux will be below than 1.9.X





    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


Related Content