Hi All, I'm using the same version of sudo on my Solaris systems. And by 'valid' I didn't mean merely listed in /etc/shell; I meant a real shell like bash. However, I'm afraid I can't reproduce the problem at the moment, but I can say that I resorted to giving the nagios user a real shell only when I realised I needed to run a shell-script plugin as the root user. Someone explained to me: "It would be a security flaw for sudo to allow anything to run for a user who is not otherwise entitled to a real shell." I make no comment on the reasoning--consider it hearsay--but sure enough, it was the only way I could get my plugin to work. If I get a chance to reproduce the problem, I'll see what I can dig out about it. Alex <div>On 9/4/06, Hari Sekhon <<a href="mailto:hpsekhon@googlemail.com">hpsekhon@googlemail.com</a>> wrote:<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div> <div bgcolor="#ffffff" text="#000000"></div><div> Thomas Sluyter wrote: <blockquote cite="http://midF6AB67A9-745F-4F6B-B2BC-B5256E343DC6@kilala.nl" type="cite"> <pre>On 4 Sep, 2006, at 12:09, Hari Sekhon wrote: </pre> <blockquote type="cite"> <pre>Alexander Harvey wrote: </pre> <blockquote type="cite"> <pre>Note to Hari: my understanding is that sudo won't work for account that doesn't have a valid shell. Certainly all my testing led me to that conclusion. </pre> </blockquote> <pre>So it would seem that this is not correct. A valid shell is not required. </pre> </blockquote> <pre>Actually, to nitpick a little :) I'd think it's entirely possible that sudo requires a valid shell, just like FTP and such. But in that case "valid" would mean "listed in /etc/shells" and not "working like a normal shell"... I'd have to check the man-page to be sure though.. Cheers! </pre> </blockquote> </div><div> /bin/false isn't listed as a valid shell on my nagios box and this still works. hmm. Also, you could use sudo -s /bin/bash check_command so that you get the shell for that one command. The man page says you can use this to override the system set shell. If you find anything written anywhere about this then let me know. It's entirely possible that different versions have different quirks, this is not unknown in unixland... fyi my sudo -V gives me the version as "Sudo version 1.6.8p9" (lots of extras output omitted) -h </div> </div> ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642" target="_blank"> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642</a> _______________________________________________ Nagios-users mailing list <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:Nagios-users@lists.sourceforge.net"> Nagios-users@lists.sourceforge.net</a> <a onclick="return top.js.OpenExtLink(window,event,this)" href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users </a> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null </blockquote></div>