projects
/
grml-live.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
sudoers: set Defaults secure_path to have sane default settings
[grml-live.git]
/
etc
/
grml
/
fai
/
config
/
files
/
etc
/
sudoers
/
GRMLBASE
diff --git
a/etc/grml/fai/config/files/etc/sudoers/GRMLBASE
b/etc/grml/fai/config/files/etc/sudoers/GRMLBASE
index
c3f2643
..
7a46342
100644
(file)
--- a/
etc/grml/fai/config/files/etc/sudoers/GRMLBASE
+++ b/
etc/grml/fai/config/files/etc/sudoers/GRMLBASE
@@
-3,8
+3,8
@@
# See the man page for details on how to write a sudoers file.
# This file was deployed via grml-live's
# See the man page for details on how to write a sudoers file.
# This file was deployed via grml-live's
-#
/etc/grml/fai
/config/scripts/GRMLBASE/20-sudo script, using
-#
/etc/grml/fai
/config/files/etc/sudoers/GRMLBASE
+#
${GRML_FAI_CONFIG}
/config/scripts/GRMLBASE/20-sudo script, using
+#
${GRML_FAI_CONFIG}
/config/files/etc/sudoers/GRMLBASE
# Host alias specification
# Host alias specification
@@
-20,6
+20,9
@@
root ALL=(ALL) ALL
# WARNING: Never allow external access to the $USERNAME user!!!
$USERNAME ALL=NOPASSWD: ALL
# WARNING: Never allow external access to the $USERNAME user!!!
$USERNAME ALL=NOPASSWD: ALL
+# Path used for every command run from sudo
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
# allow editing of files with editor:
# $USERNAME ALL=NOPASSWD: sudoedit
# allow editing of files with editor:
# $USERNAME ALL=NOPASSWD: sudoedit