From owner-freebsd-questions@FreeBSD.ORG  Wed Dec 17 18:14:48 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 86BD516A4CE
	for <freebsd-questions@freebsd.org>;
	Wed, 17 Dec 2003 18:14:48 -0800 (PST)
Received: from best.spro.net (smtpout1a.spro.net [204.228.238.253])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BC24D43D48
	for <freebsd-questions@freebsd.org>;
	Wed, 17 Dec 2003 18:14:46 -0800 (PST)
	(envelope-from kurtbuff@spro.net)
Received: from best.spro.net ([198.60.253.182]) by best.spro.net
          (Netscape Messaging Server 4.15) with SMTP id HQ2JJ800.UZC for
          <freebsd-questions@freebsd.org>; Wed, 17 Dec 2003 19:13:56 -0700 
Received: from spro.net (norland.spro.net [198.60.253.65]) by best.spro.net
	with SMTP (MailShield v1.5); Wed, 17 Dec 2003 19:13:56 -0700
Received: from 216.202.42.5
        (SquirrelMail authenticated user kurtbuff)
        by webmail.spro.net with HTTP;
        Wed, 17 Dec 2003 19:14:47 -0700 (MST)
Message-ID: <7049.216.202.42.5.1071713687.squirrel@webmail.spro.net>
Date: Wed, 17 Dec 2003 19:14:47 -0700 (MST)
From: "KURT BUFF" <kurtbuff@spro.net>
To: <freebsd-questions@freebsd.org>
X-Priority: 3
Importance: Normal
X-Mailer: SquirrelMail (version 1.2.8)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-SMTP-HELO: spro.net
X-SMTP-MAIL-FROM: kurtbuff@spro.net
X-SMTP-PEER-INFO: norland.spro.net [198.60.253.65]
Subject: can't figure out a problem with sudo
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Dec 2003 02:14:48 -0000

All,

I'm starting to lose some hair, running a command through sudo. Other
commands work just fine through sudo, just one of them doesn't work.

The command is this:

sudo cp /home/filter/pfm/relay_recipients /usr/local/etc/postfix.

It fails with the following error message:

Sorry, user filter is not allowed to execute '/bin/cp
/home/filter/pfm/relay_recipients /usr/local/etc/postfix' as root on
mail2.


The command that comes after that:

sudo /usr/local/sbin/postmap /usr/local/etc/postfix/relay_recipients

works just fine.

I've included the directory listing below, and the sudoers file.

Any help would be greatly appreciated.

Thanks,

Kurt

----------snip here----------
mail2% ls -al /usr/local/etc/postfix
total 298
drwxr-xr-x  3 root  wheel   2048 Dec 17 17:46 .
drwxr-xr-x  4 root  wheel    512 Dec 17 18:05 ..
-rw-r--r--  1 root  wheel  11942 Jun 27 15:38 LICENSE
-rw-r--r--  1 root  wheel   8652 Jun 27 15:38 access
-rw-r--r--  1 root  wheel    245 Jun 28 20:18 aliases
-rw-r--r--  1 root  wheel  65536 Jun 28 20:46 aliases.db
-rw-r--r--  1 root  wheel   7559 Jun 27 15:38 canonical
-rw-r--r--  1 root  wheel   1152 Dec 17 17:46 main.cf
-rw-r--r--  1 root  wheel   9176 Jun 27 15:38 main.cf.default
-rw-r--r--  1 root  wheel   9176 Nov 25 17:07 main.cf.original
-rw-r--r--  1 root  wheel   2001 Dec  8 15:11 master.2003-12-08
-rw-r--r--  1 root  wheel   2001 Dec  8 16:05 master.cf
-rw-r--r--  1 root  wheel   5859 Jun 27 15:41 master.cf.original
-rwxr-xr-x  1 root  wheel   6035 Jun 27 15:43 master.cf.updated
-rw-r--r--  1 root  wheel   7676 Jun 27 15:38 pcre_table
-rwxr-xr-x  1 root  wheel  18866 Jun 27 15:38 post-install
-rw-r--r--  1 root  wheel   8643 Jun 27 15:38 postfix-files
-rwxr-xr-x  1 root  wheel   5424 Jun 27 15:38 postfix-script
-rw-r--r--  1 root  wheel   4901 Jun 27 15:38 regexp_table
-rw-r--r--  1 root  wheel      0 Dec 17 17:46 relay_recipients
-rw-r--r--  1 root  wheel  65536 Dec 17 17:54 relay_recipients.db
-rw-r--r--  1 root  wheel   5070 Jun 27 15:38 relocated
drwxr-xr-x  2 root  wheel   1536 Dec 15 16:47 samples
-rw-r--r--  1 root  wheel    499 Jun 27 15:44 transport
-rw-r--r--  1 root  wheel  65536 Jun 28 14:07 transport.db
-rw-r--r--  1 root  wheel   9131 Jun 27 15:43 transport.original
-rw-r--r--  1 root  wheel   9682 Jun 27 15:38 virtual
----------snip here----------



----------snip here----------
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification
User_Alias   FILTER = filter

# Cmnd alias specification
Cmnd_Alias   RELOAD = /usr/local/sbin/postfix reload
Cmnd_Alias   MAP = /usr/local/sbin/postmap
/usr/local/etc/postfix/relay_recipients
Cmnd_Alias   RECIPS = /usr/local/etc/postfix/relay_recipients
Cmnd_Alias   DB = /usr/local/etc/etc/postfix/relay_recipients.db
Cmnd_Alias   COPYRELAY = /bin/cp /usr/local/etc/postfix
Cmnd_Alias   RMRELAY = /bin/rm /usr/local/etc/postfix

# Defaults specification
Defaults          syslog=auth
Defaults:filter   !authenticate

# User privilege specification
root    ALL=(ALL) ALL
FILTER  ALL=RELOAD, MAP, RECIPS, DB, COPYRELAY, RMRELAY

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now
----------snip here----------