0

I'm trying to write a universal sudoers file to control permissions for all our users across all our environments and I've been using the wildcard for the hostnames like so (all data has been anonymized)

Host_Alias stg01     = *.stg01.sfo.acme.com
Host_Alias stg02     = *.stg02.sfo.acme.com
Host_Alias stg03     = *.stg03.sfo.acme.com
Host_Alias prod      = *.prod.aus.acme.com, *.prod.nyc.acme.com
Host_Alias prod02    = *.prod02.aus.acme.com, *.prod02.nyc.acme.com
Host_Alias prod03    = *.prod03.nyc.acme.com
Host_Alias db01      = *.db01.sfo.acme.com
Host_Alias db02      = *.db02.sfo.acme.com
Host_Alias db03      = *.db03.sfo.acme.com
Host_Alias hi02      = *.hi02.sfo.acme.com
Host_Alias env1      = mgmt02.stg01.sfo.acme.com, *.hiho.sfo.acme.com
Host_Alias env2      = *.prod.aus.acme.com, *.prod.nyc.acme.com, *.stg01.sfo.acme.com, *.prod02.aus.acme.com, *.prod02.nyc.acme.com, *.hiho.sfo.acme.com
Host_Alias testhosts = ws1.prod.aus.acme.com, ws2.prod.nyc.acme.com, ws1.prod.aus.acme.com, ws2.prod.nyc.acme.com
Host_Alias env3      = mgmt01.stg01.sfo.acme.com, *.hiho.sfo.acme.com
Host_Alias env4 = *.prod.aus.acme.com, *.prod.nyc.acme.com, *.stg01.sfo.acme.com
Host_Alias env5  = *.prod.aus.acme.com, *.prod.nyc.acme.com, *.stg01.sfo.acme.com, *.hiho.sfo.acme.comsfo

When I try it, I get:

>>> sudoers file: syntax error, line 0 <<<

and it repeats all the way to line 16. This is on a Solaris x86 server running sunOS 5.10.

Did I do something wrong? a visudo -c -f returns fine on my linux testbox so I'm confused.

Any ideas would be appreciated!

Thanks.

gozu
  • 313
  • 2
  • 6
  • 14

2 Answers2

1

Have you tried running w/o wildcard hosts and then adding one of them back to see if sudo gets bothered? This would clear up the question as to whether wildcards on hosts are allowed.

mdpc
  • 11,698
  • 28
  • 51
  • 65
0

I needed to use capital letters for all the host aliases. so STG01 instead of stg01 and so on :)

gozu
  • 313
  • 2
  • 6
  • 14