block setfacl to specific group in sudo
Hi All,
Am trying to block the setfacl command for sudo user (my specific requirement) as below:
%testing ALL= NOPASSWD: !/usr/bin/setfacl -m g:testing:*
Dont want sudo user to perform any setfacl operation for testing group.
Am getting below error:
@localhost ]$ sudo setfacl -m g:testing:rw- somefile/
sudo: >>> /etc/sudoers: syntax error near line 111
sudo: parse error in /etc/sudoers near line 111
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
line number 111 is :
%testing ALL= NOPASSWD: !/usr/bin/setfacl -m g:testing:*
Responses