Run as group fails (sudo -g)

Question

I would like to run a command with temporary group membership but it seems that I don't have permission to do that. As an example, if I run sudo -g internet ls, I get the message Sorry, user rudivonstaden is not allowed to execute '/bin/ls' as rudivonstaden:internet on rudivonstaden-desktop.

In my limited understanding, this should be governed by the /etc/sudoers file, potentially modified by files in /etc/sudoers.d. The latter folder only contains the README file, and the sudoers file has the following:

root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) ALL

As far as I can tell, that should allow any sudo user to run any file as any group using the -g option. Is there a bug somewhere, or am I missing something?

score 4 · Accepted Answer · edited Apr 13 '17 at 12:24

4

I managed to get it working by editing my /etc/sudoers file (with sudo vimsudo), and changing the admin group permissions from

%admin ALL=(ALL) ALL

to

%admin ALL=(ALL:ALL) ALL

The sudo group is a bit of a red herring on Ubuntu, it's actually the admin group that defines sudo permissions. See this question for more on how Ubuntu uses the admin and sudo groups.

edited Apr 13 '17 at 12:24

Community

1

answered Jul 11 '12 at 15:35

rudivonstaden

539

Run as group fails (sudo -g)

1 Answers1