Disregard .. I figured it out just added /usr/bin fdisk -l to command list run as user root and applied the command to sudo rule
Running as expected where sudo fdisk /dev/sda fails but sudo fdisk -l works Sean Hogan From: Sean Hogan/Durham/IBM@IBMUS To: freeipa-users <[email protected]> Date: 03/27/2017 01:55 PM Subject: [Freeipa-users] Sudo Rule flag limitations Sent by: [email protected] Hello, I was wondering how possible it would be to allow sudo commands with certain flags but not the actual command Case in point: If a user requests sudo fdisk -l to view partitions can this be set without giving access to sudo fdisk /dev/sda ? Would the sudo rule have to deny fdisk /dev/sda but allow fdisk -l? Not really sure how that would work. ipa-client-3.0.0-50.el6.1.x86_64 ipa-server-selinux-3.0.0-50.el6.1.x86_64 ipa-server-3.0.0-50.el6.1.x86_64 sssd-ipa-1.13.3-22.el6_8.4.x86_64 python-libipa_hbac-1.13.3-22.el6_8.4.x86_64 ipa-admintools-3.0.0-50.el6.1.x86_64 python-iniparse-0.3.1-2.1.el6.noarch Thank you Sean Hogan -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
