{{{ oval_metadata("Check that sudoers doesn't contain command negations", rule_title=rule_title) }}} ^/etc/sudoers(\.d/.*)?$ ^(?:\s*[^#=]+)=(?:\s*(?:\([^\)]+\))?\s*(?!\s*\()[^,!\n][^,\n]+,)*\s*(?:\([^\)]+\))?\s*(?!\s*\()(!\S+).* 1