On Sat, Nov 26, 2011 at 15:16, Laurent Dard f.couperin@online.fr wrote:
Le 26/11/2011 20:38, Timothy Pearson a écrit :
(I have no /opt/trinity/sbin and apps in /opt/trinity/bin may be run with sudo `which ...`.)
Yes, but is this with the stock sudo? I would be very surprised if that were true.
For the moment, with Trinity's sudo, sudo `which ...` works with executables in $HOME/bin that aren't in the secure path of sudo (AFAIK 'which' is called before 'sudo').
I just replaced /usr/bin/sudo, and /usr/lib/sudo/sudo_noexec.so by debian versions (and added /usr/lib/sudo/sudoers.so) and everything works.
$ sudo `which kwrite` Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
$ sudo `which konqueror` Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0. Error: "/tmp/kde-eldi" is owned by uid 1000 instead of uid 0. Error: "/tmp/ksocket-eldi" is owned by uid 1000 instead of uid 0. Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0. Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0. Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0. Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
Of course `which <exe>` would work, that searches the PATH and /opt/trinity/bin and /opt/trinity/sbin is in the PATH. That would work with normal sudo too.