can't figure out a problem with sudo

From: KURT BUFF (kurtbuff_at_spro.net)
Date: 12/18/03

Previous message: soultrax_at_verizon.net: "Just a question....."
Next in thread: Lowell Gilbert: "Re: can't figure out a problem with sudo"
Reply: Lowell Gilbert: "Re: can't figure out a problem with sudo"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 17 Dec 2003 19:14:47 -0700 (MST)
To: <freebsd-questions@freebsd.org>

All,

I'm starting to lose some hair, running a command through sudo. Other
commands work just fine through sudo, just one of them doesn't work.

The command is this:

sudo cp /home/filter/pfm/relay_recipients /usr/local/etc/postfix.

It fails with the following error message:

Sorry, user filter is not allowed to execute '/bin/cp
/home/filter/pfm/relay_recipients /usr/local/etc/postfix' as root on
mail2.

The command that comes after that:

sudo /usr/local/sbin/postmap /usr/local/etc/postfix/relay_recipients

works just fine.

I've included the directory listing below, and the sudoers file.

Any help would be greatly appreciated.

Thanks,

Kurt

----------snip here----------
mail2% ls -al /usr/local/etc/postfix
total 298
drwxr-xr-x 3 root wheel 2048 Dec 17 17:46 .
drwxr-xr-x 4 root wheel 512 Dec 17 18:05 ..
-rw-r--r-- 1 root wheel 11942 Jun 27 15:38 LICENSE
-rw-r--r-- 1 root wheel 8652 Jun 27 15:38 access
-rw-r--r-- 1 root wheel 245 Jun 28 20:18 aliases
-rw-r--r-- 1 root wheel 65536 Jun 28 20:46 aliases.db
-rw-r--r-- 1 root wheel 7559 Jun 27 15:38 canonical
-rw-r--r-- 1 root wheel 1152 Dec 17 17:46 main.cf
-rw-r--r-- 1 root wheel 9176 Jun 27 15:38 main.cf.default
-rw-r--r-- 1 root wheel 9176 Nov 25 17:07 main.cf.original
-rw-r--r-- 1 root wheel 2001 Dec 8 15:11 master.2003-12-08
-rw-r--r-- 1 root wheel 2001 Dec 8 16:05 master.cf
-rw-r--r-- 1 root wheel 5859 Jun 27 15:41 master.cf.original
-rwxr-xr-x 1 root wheel 6035 Jun 27 15:43 master.cf.updated
-rw-r--r-- 1 root wheel 7676 Jun 27 15:38 pcre_table
-rwxr-xr-x 1 root wheel 18866 Jun 27 15:38 post-install
-rw-r--r-- 1 root wheel 8643 Jun 27 15:38 postfix-files
-rwxr-xr-x 1 root wheel 5424 Jun 27 15:38 postfix-script
-rw-r--r-- 1 root wheel 4901 Jun 27 15:38 regexp_table
-rw-r--r-- 1 root wheel 0 Dec 17 17:46 relay_recipients
-rw-r--r-- 1 root wheel 65536 Dec 17 17:54 relay_recipients.db
-rw-r--r-- 1 root wheel 5070 Jun 27 15:38 relocated
drwxr-xr-x 2 root wheel 1536 Dec 15 16:47 samples
-rw-r--r-- 1 root wheel 499 Jun 27 15:44 transport
-rw-r--r-- 1 root wheel 65536 Jun 28 14:07 transport.db
-rw-r--r-- 1 root wheel 9131 Jun 27 15:43 transport.original
-rw-r--r-- 1 root wheel 9682 Jun 27 15:38 virtual
----------snip here----------

----------snip here----------
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification
User_Alias FILTER = filter

# Cmnd alias specification
Cmnd_Alias RELOAD = /usr/local/sbin/postfix reload
Cmnd_Alias MAP = /usr/local/sbin/postmap
/usr/local/etc/postfix/relay_recipients
Cmnd_Alias RECIPS = /usr/local/etc/postfix/relay_recipients
Cmnd_Alias DB = /usr/local/etc/etc/postfix/relay_recipients.db
Cmnd_Alias COPYRELAY = /bin/cp /usr/local/etc/postfix
Cmnd_Alias RMRELAY = /bin/rm /usr/local/etc/postfix

# Defaults specification
Defaults syslog=auth
Defaults:filter !authenticate

# User privilege specification
root ALL=(ALL) ALL
FILTER ALL=RELOAD, MAP, RECIPS, DB, COPYRELAY, RMRELAY

# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL

# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL

# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
----------snip here----------

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

Next message: Mark: "auth.log"

Previous message: soultrax_at_verizon.net: "Just a question....."
Next in thread: Lowell Gilbert: "Re: can't figure out a problem with sudo"
Reply: Lowell Gilbert: "Re: can't figure out a problem with sudo"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: Opening applications as a different user
... Click Start, Run Command. ... > that only seems to let one run with root privileges? ... > then an instance of Mozilla opens without any issues, ...
(alt.os.linux.suse)
Re: Probleme mit Sudo
... # This file MUST be edited with the 'visudo' command as root. ... # See the sudoers man page for the details on how to write a sudoers file. ...
(de.comp.os.unix.linux.misc)
Re: sudo Configuration
... # This file MUST be edited with the 'visudo' command as root. ... # See the sudoers man page for the details on how to write a sudoers file. ...
(RedHat)
Re: /sys/power/state question with sudoers!
... # This file MUST be edited with the 'visudo' command as root. ...
(Debian-User)
Re: /sys/power/state question with sudoers!
... # This file MUST be edited with the 'visudo' command as root. ... As I understand it, sudo provides access to commands, not files. ...
(Debian-User)