can't figure out a problem with sudo

KURT BUFF kurtbuff at spro.net
Wed Dec 17 18:14:48 PST 2003 

All,

I'm starting to lose some hair, running a command through sudo. Other
commands work just fine through sudo, just one of them doesn't work.

The command is this:

sudo cp /home/filter/pfm/relay_recipients /usr/local/etc/postfix.

It fails with the following error message:

Sorry, user filter is not allowed to execute '/bin/cp
/home/filter/pfm/relay_recipients /usr/local/etc/postfix' as root on
mail2.


The command that comes after that:

sudo /usr/local/sbin/postmap /usr/local/etc/postfix/relay_recipients

works just fine.

I've included the directory listing below, and the sudoers file.

Any help would be greatly appreciated.

Thanks,

Kurt

----------snip here----------
mail2% ls -al /usr/local/etc/postfix
total 298
drwxr-xr-x  3 root  wheel   2048 Dec 17 17:46 .
drwxr-xr-x  4 root  wheel    512 Dec 17 18:05 ..
-rw-r--r--  1 root  wheel  11942 Jun 27 15:38 LICENSE
-rw-r--r--  1 root  wheel   8652 Jun 27 15:38 access
-rw-r--r--  1 root  wheel    245 Jun 28 20:18 aliases
-rw-r--r--  1 root  wheel  65536 Jun 28 20:46 aliases.db
-rw-r--r--  1 root  wheel   7559 Jun 27 15:38 canonical
-rw-r--r--  1 root  wheel   1152 Dec 17 17:46 main.cf
-rw-r--r--  1 root  wheel   9176 Jun 27 15:38 main.cf.default
-rw-r--r--  1 root  wheel   9176 Nov 25 17:07 main.cf.original
-rw-r--r--  1 root  wheel   2001 Dec  8 15:11 master.2003-12-08
-rw-r--r--  1 root  wheel   2001 Dec  8 16:05 master.cf
-rw-r--r--  1 root  wheel   5859 Jun 27 15:41 master.cf.original
-rwxr-xr-x  1 root  wheel   6035 Jun 27 15:43 master.cf.updated
-rw-r--r--  1 root  wheel   7676 Jun 27 15:38 pcre_table
-rwxr-xr-x  1 root  wheel  18866 Jun 27 15:38 post-install
-rw-r--r--  1 root  wheel   8643 Jun 27 15:38 postfix-files
-rwxr-xr-x  1 root  wheel   5424 Jun 27 15:38 postfix-script
-rw-r--r--  1 root  wheel   4901 Jun 27 15:38 regexp_table
-rw-r--r--  1 root  wheel      0 Dec 17 17:46 relay_recipients
-rw-r--r--  1 root  wheel  65536 Dec 17 17:54 relay_recipients.db
-rw-r--r--  1 root  wheel   5070 Jun 27 15:38 relocated
drwxr-xr-x  2 root  wheel   1536 Dec 15 16:47 samples
-rw-r--r--  1 root  wheel    499 Jun 27 15:44 transport
-rw-r--r--  1 root  wheel  65536 Jun 28 14:07 transport.db
-rw-r--r--  1 root  wheel   9131 Jun 27 15:43 transport.original
-rw-r--r--  1 root  wheel   9682 Jun 27 15:38 virtual
----------snip here----------



----------snip here----------
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification
User_Alias   FILTER = filter

# Cmnd alias specification
Cmnd_Alias   RELOAD = /usr/local/sbin/postfix reload
Cmnd_Alias   MAP = /usr/local/sbin/postmap
/usr/local/etc/postfix/relay_recipients
Cmnd_Alias   RECIPS = /usr/local/etc/postfix/relay_recipients
Cmnd_Alias   DB = /usr/local/etc/etc/postfix/relay_recipients.db
Cmnd_Alias   COPYRELAY = /bin/cp /usr/local/etc/postfix
Cmnd_Alias   RMRELAY = /bin/rm /usr/local/etc/postfix

# Defaults specification
Defaults          syslog=auth
Defaults:filter   !authenticate

# User privilege specification
root    ALL=(ALL) ALL
FILTER  ALL=RELOAD, MAP, RECIPS, DB, COPYRELAY, RMRELAY

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now
----------snip here----------

More information about the freebsd-questions mailing list