Hi Team,
I am configuring sudo on my RedHat 8 node using the digest feature.
For a command that needs full whitelisting, I am allowing it using the method below, which is working fine.
%my_group_name ALL=(ALL) NOPASSWD:SETENV: sha224:8c3f2dea6e13bb4a4fbed2314d6f2a1ba00f79c63faac6b2907f09bf8 /usr/bin/ls
But there are a few commands that I need to allow for limited files, as follows:
Cmnd_Alias SUDOEDIT = sudoedit /etc/sudoers, sudoedit /var/log/audit/audit.log, sudoedit /etc/audit/auditd.conf
When I allow this using the entry below, it does not work.
**%my_group_name ALL=(ALL) NOPASSWD:SETENV: sha224:8c3f2dea6e13bb4a4fbed2314d6f2a1ba00f79c63faac6b2907f09bf8 SUDOEDIT**
OR
Defaults!SUDOEDIT digest_sha512=ad8a2af7358908c6ed8978c4104316b0f500b0c1432ae31b373e41559d3044fe4ce4d4c8b210754cb6ae2925316eec9384fa583c1122660d59e6e08c29a6e5e9
%my_group_name ALL=(ALL) NOPASSWD: SUDOEDIT
I need support on how to define any command when it needs to only allow specific files to be executed with a digest check.
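
An added example (not part of the original issue and not code from the sudo project): a small Python check that reads sudoers-style lines carrying a hex digest, confirms the digest length fits the named algorithm, and compares it with the file on disk. The group name, alias name and target file are constructed for the demo, and base64 digests are not handled.

```python
import hashlib
import os
import re
import tempfile

# Hex length of each digest type usable in a sudoers digest spec.
HEX_LEN = {"sha224": 56, "sha256": 64, "sha384": 96, "sha512": 128}
SPEC = re.compile(r"\b(sha(?:224|256|384|512))\s*:\s*([0-9A-Fa-f]+)\s+(\S+)")

def file_digest(path, algo):
    """Hash a file in chunks with the named algorithm."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def audit_line(line):
    """Return (target, status) for each hex digest spec in one sudoers line."""
    results = []
    for algo, digest, target in SPEC.findall(line):
        target = target.rstrip(",")
        if len(digest) != HEX_LEN[algo]:
            status = "bad-length"      # digest cannot belong to this algorithm
        elif not target.startswith("/"):
            status = "not-a-path"      # alias or keyword: nothing on disk to hash here
        elif not os.path.isfile(target):
            status = "missing"
        elif file_digest(target, algo) == digest.lower():
            status = "match"
        else:
            status = "mismatch"        # file changed since the digest was recorded
        results.append((target, status))
    return results

def demo():
    """Audit constructed sudoers lines against a constructed target file."""
    body = b"#!/bin/sh\necho constructed sample\n"
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(body)
    good = hashlib.sha224(body).hexdigest()
    rule = "%grp ALL=(ALL) NOPASSWD: sha224:"   # constructed group name
    lines = [f"{rule}{good} {f.name}", f"{rule}{'0' * 56} {f.name}",
             f"{rule}{good}0 {f.name}", f"{rule}{good} SOME_ALIAS"]
    try:
        return [status for ln in lines for _, status in audit_line(ln)]
    finally:
        os.unlink(f.name)
```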