On Sat, Nov 26, 2011 at 15:16, Laurent Dard <f.couperin@...> wrote:
> Le 26/11/2011 20:38, Timothy Pearson a écrit :
>>> (I have no /opt/trinity/sbin and apps in /opt/trinity/bin may be run with
>>> sudo `which ...`.)
>>>
>>
>> Yes, but is this with the stock sudo?  I would be very surprised if that
>> were true.
>
> For the moment, with Trinity's sudo, sudo `which ...` works with
> executables in $HOME/bin that aren't in the secure path of sudo
> (AFAIK 'which' is called before 'sudo').
>
> I just replaced /usr/bin/sudo, and /usr/lib/sudo/sudo_noexec.so by
> debian versions (and added /usr/lib/sudo/sudoers.so) and everything
> works.
>
> $ sudo `which kwrite`
> Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
>
> $ sudo `which konqueror`
> Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
> Error: "/tmp/kde-eldi" is owned by uid 1000 instead of uid 0.
> Error: "/tmp/ksocket-eldi" is owned by uid 1000 instead of uid 0.
> Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
> Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
> Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
> Error: "/var/tmp/kdecache-eldi" is owned by uid 1000 instead of uid 0.
>

Of course `which <exe>` would work, that searches the PATH
and /opt/trinity/bin and /opt/trinity/sbin is in the PATH.
That would work with normal sudo too.


-- 
later daze. :: Robert Xu :: rxu.lincomlinux.org :: protocol.by/rxu