How can you grant sudo access for a specific command with flags.
Ex. I requested sudo access for this command below:
sudo /usr/bin/su - wassa /usr/was7/profiles/dmgr/bin/wsadmin.sh
I can run the above command but cannot run any of the below commands (it will prompt for password then say I do not have the required access):
sudo /usr/bin/su - wassa /usr/was7/profiles/dmgr/bin/wsadmin.sh -lang jython -c "AdminApplication.stopApplicationOnCluster('app', '$APP_CLUSTER')"
sudo /usr/bin/su - wassa /usr/was7/profiles/dmgr/bin/wsadmin.sh -lang jython -c "AdminApplication.stopApplicationOnCluster('app', '$APP_CLUSTER')"
I know I could easily request each command separately (which I may have to anyway because of the companies policy), but I want to avoid it in case I need to make any script changes, I won't want to have to submit another ticket and wait.
Best Answer
sudoallows shell-style wildcards (aka meta or glob characters) to be used in host names, path names and command line arguments in thesudoersfile.*Matches any set of zero or more characters.?Matches any single character.[...]Matches any character in the specified range.[!...]Matches any character not in the specified range.\xFor any character ‘x’, evaluates to ‘x’. This is used to escape special characters such as:‘*’, ‘?’, ‘[’, and ‘]’.So you could define something along the lines of this to allow both the command with or without arguments: