X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=sample.sudoers;h=0ef1579ecce6eb8c8b2f23a825a4f6db92a95898;hb=85f14572d38db7bfbd2485fce9a3c956331c7afb;hp=29d88c97775b4f933388cc5e689a93fa9f67782a;hpb=fb7645a1633a5422a294859f07981dc7f4b9c4e3;p=debian%2Fsudo

diff --git a/sample.sudoers b/sample.sudoers
index 29d88c9..0ef1579 100644
--- a/sample.sudoers
+++ b/sample.sudoers
@@ -4,7 +4,16 @@
 # This file MUST be edited with the 'visudo' command as root.
 #
 # See the sudoers man page for the details on how to write a sudoers file.
-#
+
+##
+# Override built-in defaults
+##
+Defaults		syslog=auth
+Defaults>root		!set_logname
+Defaults:FULLTIMERS	!lecture
+Defaults:millert	!authenticate
+Defaults@SERVERS	log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS		noexec
 
 ##
 # User alias specification
@@ -35,8 +44,8 @@ Host_Alias	CDROM = orion, perseus, hercules
 # Cmnd alias specification
 ##
 Cmnd_Alias	DUMPS = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore, \
-			/usr/sbin/rrestore, /bin/mt
-Cmnd_Alias	KILL = /bin/kill
+			/usr/sbin/rrestore, /usr/bin/mt
+Cmnd_Alias	KILL = /usr/bin/kill
 Cmnd_Alias	PRINTING = /usr/sbin/lpc, /usr/bin/lprm
 Cmnd_Alias	SHUTDOWN = /usr/sbin/shutdown
 Cmnd_Alias	HALT = /usr/sbin/halt
@@ -47,15 +56,7 @@ Cmnd_Alias	SHELLS = /sbin/sh, /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
 Cmnd_Alias	SU = /usr/bin/su
 Cmnd_Alias	VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \
 		       /usr/bin/chfn
-
-##
-# Override built-in defaults
-##
-Defaults               syslog=auth
-Defaults>root          !set_logname
-Defaults:FULLTIMERS    !lecture
-Defaults:millert       !authenticate
-Defaults@SERVERS       log_year, logfile=/var/log/sudo.log
+Cmnd_Alias	PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
 
 ##
 # User specification
@@ -82,10 +83,10 @@ operator	ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\
 		sudoedit /etc/printcap, /usr/oper/bin/
 
 # joe may su only to operator
-joe		ALL = /bin/su operator
+joe		ALL = /usr/bin/su operator
 
 # pete may change passwords for anyone but root on the hp snakes
-pete		HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root
+pete		HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root
 
 # bob may run anything on the sparc and sgi machines as any user
 # listed in the Runas_Alias "OP" (ie: root and operator)
@@ -96,13 +97,13 @@ jim		+biglab = ALL
 
 # users in the secretaries netgroup need to help manage the printers
 # as well as add and remove users
-+secretaries	ALL = PRINTING, /usr/sbin/adduser, /usr/bin/rmuser
++secretaries	ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
 
 # fred can run commands as oracle or sybase without a password
 fred		ALL = (DB) NOPASSWD: ALL
 
 # on the alphas, john may su to anyone but root and flags are not allowed
-john		ALPHA = /bin/su [!-]*, !/bin/su *root*
+john		ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
 
 # jen can run anything on all machines except the ones
 # in the "SERVERS" Host_Alias