Marc R. Schoolderman
Marc R. Schoolderman
RunAs_Alias ALIAS = %group ALL ALL = (ALL:ALIAS) ALL What options with sudo -g are allowed?
- [ ] CLI interface - [ ] combine the right crates (PAm, exec, ..) The sudoers permissions checker is of course replaced with a simple checker to see if...
Original sudo has a custom password prompt. It is user friendly to have that. Now most of what we print there is provided by PAM (e.g. `Password:`, or `Yubikey PIN:`)....
This is in the Ubuntu/Debian configuration; note there are some related Defaults options that come with this (see the manpage of sudo)
There are some well-known anti-patterns in sudo, that the man page warns about; for instance using the negation operator with commands in rules like: ``` user machine = (ALL:ALL) ALL,!/bin/ls...
e.g. `sudo ./a.out` will say "command not found" even if it exists
Please check and re-check this PR carefully to see if I got this right. But by my logic, if the `read_only` function returns `true`, I would not expect be able...
**Describe the feature you'd like see implemented in `sudo-rs`** Improved error messages in case of a configuration mistake (see also #832). For example: * A missing `/etc/sudoers` file (right now:...
`sudo-rs` supports users that are defined via LDAP via PAM (which is a common and reasonable use case), but not (at least not right now) a sudoers file that is...
Some error messages in the sudoers file (e.g. an include file not found, recursive aliases) give correct parse error message but don't reveal the location. We could add this by...