Summary

In the Administration Guides for BoKS Manager versions 6.6.2 -> 7.1, it is stated that the wildcard asterisk * for target user in SUEXEC Access Routes / Rules does not include root, but this only applies to SU Access Routes / Rules.

Reference Information

In the BoKS Manager Administration Guide for various versions, an example access configuration states that for SUEXEC access, the asterisk * wildcard for target user does not include the root user.

For example, in the BoKS Manager 7.1 Administration Guide:

The source/destination parameters for the access method suexec are:

-m SUEXEC -S TTY [--from-user user] -D Host(group) [--target-user user] -p program

The source asterisk * means anyone from any terminal, but covers only maria, since she
is the only one being assigned this rule. The destination “root” or “#0” must be explicitly
stated; in su and suexec, an asterisk applies only to ordinary users, not to root.

In fact, for SUEXEC access, asterisk * does include root. Also, #0 cannot be used to match root for SUEXEC access.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: March 21, 2019