sudo: Sorry, user root is not allowed to execute

This command fails on OpenSuSE 11.4:

root@host# sudo -S -u "coreapp_customer1_d" -g "coreapp_customer1_d"  /bin/bash -l -c "mkdir -p /home/coreapp_customer1_d/.ssh"

with this message:

Sorry, user root is not allowed to execute 
'/bin/bash -l -c mkdir -p /home/coreapp_customer1_d/.ssh' 
as coreapp_customer1_d:coreapp_customer1_d
on workdevel114.

but it works on OpenSuSE 12.3.

I compared the /etc/sudoers file of both systems, and (except for comment lines) they are the same.


I had this problem myself and could solve it with

root    ALL=(ALL:ALL) ALL

in visudo. The important part being :ALL. The sudoers man page says this:

In the following example, user tcm may run commands that access a modem device file with the dialer group.

tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu,\ /usr/local/bin/minicom

Note that in this example only the group will be set, the command still runs as user tcm. E.g.

$ sudo -g dialer /usr/bin/cu

In my context using -g was the whole point since I wanted to know what a group can write to with:

sudo -u nobody -g some_group find . -writable 2> /dev/null > /tmp/some_group_writable.txt

I found a work around myself:

In my context the -g option (group) is not needed. If the command gets called without it, it works on the old distribution.