5a - Using Sudo at a "Big" company, March/2003 - Alek`s Free Personal Web Pages

A "real-life" sudoers file

 \#\# NOTE: this file has been shortened & names changed to protect the innocent! ;-)
 \# sudoers file
 \#
 \# See the man page for the details on how to write a sudoers file.
 \#
 \# Reading notes (review): with no Runas spec, every command below runs as root.
 \# sudo evaluates all entries that match; a narrower later entry for the same user
 \# does not take anything away from an earlier ALL=ALL grant. No Defaults section is
 \# visible in this excerpt (may have been dropped by the shortening, or the sudo
 \# version in use may predate it), so logging/timeout behaviour cannot be judged here.
 \#
 \# Host alias specification
 \# +name denotes an NIS netgroup. BUSOPS and IOTCHOSTS are defined but not referenced
 \# in this excerpt. Several aliases used below (REMOTEHOSTS, REMOTECLIENTS, REM4HOSTS,
 \# REM5HOSTS, SOMEHOSTS, MOREHOSTS, and the hosts drew / itl-titan) have no definition
 \# here -- presumably removed by the shortening; visudo will complain about an alias
 \# that is referenced but never defined, so check before reusing this file.
 Host_Alias SERVERS=+sun-servers
 Host_Alias BUSOPS=HOST1,HOST2,HOST3
 Host_Alias HPCLIENTS=+NETGROUP1
 Host_Alias IOTCHOSTS=HOST4,HOST5,HOST6
 \# Cmnd alias specification
 Cmnd_Alias REBOOT=/etc/reboot,/etc/halt
 Cmnd_Alias LPCS=/usr/ucb/lpc,/usr/etc/lpc,/usr/ucb/lprm
 Cmnd_Alias CAPSTUFF=/usr/local/cap/etc/stop-cap-servers, /usr/local/cap/etc/start-cap-servers
 \# INTERNCMD repeats the LPCS and CAPSTUFF paths inline; a Cmnd_Alias may name another
 \# Cmnd_Alias, which would keep the three lists in sync. It also bundles account and
 \# NIS management tools (changepassword, chuser, edadmin, nismake, mkaliases, mkhosts),
 \# so everyone granted ALL=INTERNCMD below can change accounts on every host. Each of
 \# these /usr/local binaries/scripts and its directory must be root-owned and not
 \# writable by the grantees, otherwise the grant is effectively ALL.
 Cmnd_Alias INTERNCMD=/usr/local/bin/changepassword, /usr/local/etc/mkaliases,/usr/local/etc/mkhosts, /usr/local/bin/pprdist,/usr/local/etc/nismake, /usr/local/bin/edadmin,/usr/local/bin/chuser, /usr/ucb/lpc,/usr/etc/lpc,/usr/ucb/lprm, /usr/local/cap/etc/stop-cap-servers, /usr/local/cap/etc/start-cap-servers
 Cmnd_Alias HTTP=/app/http/httpd_1.4/restart_httpd
 Cmnd_Alias HTTP1=/app/http/httpd_1.4/start_httpd
 \# SHELLS and SU are defined but not referenced in this excerpt. If they are meant for
 \# a "!SHELLS" / "!SU" exclusion list elsewhere, note the sudoers man page warning:
 \# negated command lists are not a security boundary and should not be relied upon
 \# to keep a user with broad rights from reaching a root shell.
 Cmnd_Alias SHELLS=/bin/sh,/sbin/sh,/sbin/jsh,/usr/bin/sh, /bin/csh,/usr/bin/csh,/bin/ksh,/usr/bin/ksh, /usr/local/share/bin/tcsh,/usr/local/share/bin/bash, /usr/local/bin/tcsh,/usr/local/bin/bash
 Cmnd_Alias SU=/bin/su,/usr/bin/su
 \# User specification
 \# Sysadmins
 \# Full root everywhere. The HOST1 lines for sa1/sa2 further down add nothing.
 sa1 ALL=ALL
 sa2 ALL=ALL
 \# machine drew
 drews-a1 drew=ALL
 drews-a2 drew=ALL
 \# DNS functions
 \#
 \# ":" separates per-host entries. dns-sa2/dns-sa3 get only DNSpush on HOST1 but full
 \# root on the +HOST1-sun-clients netgroup.
 dns-sa1 HOST1=ALL:+HOST1-sun-clients=ALL
 dns-sa2 HOST1=/usr/local/bin/DNSpush:+HOST1-sun-clients=ALL
 dns-sa3 HOST1=/usr/local/bin/DNSpush:+HOST1-sun-clients=ALL
 \# Remote Sysadmins
 \# REM1-sa1 and REM3-sa1 have ALL=ALL; the ALL=INTERNCMD grants carry the account-
 \# management exposure described at the INTERNCMD alias.
 REM1-sa1 ALL=ALL
 REM2-sa2 REMOTEHOSTS=ALL:REMOTECLIENTS=ALL:ALL=INTERNCMD
 REM3-sa1 ALL=ALL
 REM3-sa2 ALL=INTERNCMD
 REM4-sa1 REM4HOSTS=ALL:ALL=INTERNCMD
 REM4-sa2 REM4HOSTS=ALL:ALL=INTERNCMD
 REM5-sa1 REM5HOSTS=ALL:ALL=INTERNCMD
 \# Intern Admins
 intern-sa1 ALL=INTERNCMD
 intern-sa2 ALL=INTERNCMD
 \#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#
 \#\# HOST1
 \#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#
 \# Redundant: both users already have ALL=ALL above (see the Sysadmins section).
 sa1 HOST1=/usr/local/etc/mkhosts
 sa2 HOST1=/usr/local/etc/nismake: HOST2=ALL:HOST3=ALL
 \#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#
 \#\# Remote print servers, etc
 \#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#\#
 \# REM1-sa1 already has ALL=ALL above, so this line is redundant. Independently of
 \# that: vi, cp, chmod, chgrp and rm run as root let a user edit or replace any file
 \# on the host, so a grant like this is in practice HOST2=ALL, not a print-only role.
 REM1-sa1 REMOTECLIENTS=ALL:HOST1=ALL:HOST2=LPCS, /bin/chmod,/bin/chgrp,/bin/rm,/bin/cp,/usr/ucb/vi
 REM1-sa2 REMOTECLIENTS=ALL
 REM1-sa3 HOST1=LPCS
 REM1-sa4 HOST1=LPCS:itl-titan=LPCS
 \# pre-1/96. Added per request from ADMIN1 to allow USER1 to reboot HP`s
 user1 HPCLIENTS=REBOOT
 \# pre-1/96. Allow the guys to start/restart HTTP
 \# Huge security hole BTW, since they can change these scripts ...
 \# Mitigation: keep /app/http/httpd_1.4 and both scripts root-owned and not
 \# group/world-writable; then the grant really is limited to start/restart.
 user2 HOST1=HTTP,HTTP1
 user3 HOST2=HTTP,HTTP1
 \# pre-1/96. Added per these guys` request (they said they needed the rope ...)
 \# user1/user2 carry identical specs here and below; a User_Alias would make the
 \# pair easier to audit. These "pre-1/96" grants have no owner or review date --
 \# worth recording one so full-root development access does not outlive its need.
 user1 SOMEHOSTS=ALL
 user2 SOMEHOSTS=ALL
 \# pre-1/96. These guys say they need sudo to do development (see comment above)
 user1 MOREHOSTS=ALL
 user2 MOREHOSTS=ALL