It is better to add custom files & entries to files stored in the "/etc/sudoers.d" folder (or rather "/private/etc/sudoers.d" for macOS) if you uncomment the line in the "sudoers" file. You really should not modify the "sudoers" file itself. Second I'm not sure you can use SETENV there since it expects the actual command. Two things I see are that there is no initial user/group on either line before the first "ALL". I'm not an expert in modifying the "sudoers" file. I found all that pretty interesting to my newbie brain. > /Users/trav/Desktop/sudoersfilepluginthing.c: syntax error near line 57 > /Users/trav/Desktop/sudoersfilepluginthing.c: syntax error near line 57 > /Users/trav/Desktop/sudoersfilepluginthing.c: syntax error near line 57 > /Users/trav/Desktop/sudoersfilepluginthing.c: syntax error near line 57 ![]() When I opened and wrote it in visudo, I got this returned to terminalħ51> sudo visudo /Users/trav/Desktop/sudoersfilepluginthing.c The above edits to the file were made with BBEdit. > /Users/trav/Desktop/sudoersfilepluginthing.c: syntax error near line 57 Then this=Įrror introduced into the file was: trav ALL = NOPA ALLħ50> sudo visudo -c /Users/trav/Desktop/sudoersfilepluginthing.c ![]() Users/trav/Desktop/sudoersfilepluginthing.c: parsed OK I guess sort of like this Bbedit version:ħ45> sudo visudo -c /Users/trav/Desktop/sudoersfilepluginthing.c It makes more sense for most average users to use "nano" instead since it actually provides the basic key commands hints at the bottom of the screen including how to list the help screen. While I can appreciate the power of vi/vim I can never seem to recall the proper commands to use on the few times every few years where I may actually encounter vi/vim. You can safely test this out by creating a test file in your home folder and enter an incorrect configuration: EDITOR=nano sudo visudo -f ~/Desktop/test-sudoers.test Here is a snippet from the "man visudo": There is a hard-coded list of one or more editors that visudo will use set at compile-time that may be overridden via the editor sudoers Default variable. This list defaults to vi. Normally, visudo does not honor the VISUAL or EDITOR environment variables unless they contain an editor in the aforementioned editors list. However, if visudo is configured with the -with-env-editor option or the env_editor Default variable is set in sudoers, visudo will use any the editor defines by VISUAL or EDITOR. Note that this can be a security hole since it allows the user to execute any program they wish simply by setting VISUAL or EDITOR. The editor is irrelevant as along as "visudo" is executed as I mentioned with the "EDITOR=nano" variable set. ![]() The "visudo" utility itself is what performs the actual check to make sure the "sudoers" file is in the correct format. I do know it is safe to use "nano" if you set the "EDITOR" variable. I thought I had tested "visudo" on a Mac a while back and it used "nano" as the editor, but perhaps I'm mistaken on that point as it was a while ago. Perhaps they should have come up with a nasudo? Howdy, In my searches, I have not read a thing with regard to Nano being the default in any macOS? I kinda feel that it is called visudo for a reason.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |