Are you guys removing your user's access and just adding the line for syspatch or are you just tacking on the syspatch line?
It "works" if I just tack on the syspatch line because my usual "allow everything" still matches.
If you restrict the user to only /usr/sbin/syspatch, the user needs to run exactly '/usr/sbin/syspatch'. Just 'syspatch' doesn't work. Use the full path.
EDIT: Sorry, I just re-read the thread. I guess that doesn't work for bsd007.
|