Sudo: Difference between revisions

From wikinotes
 
No edit summary
Line 1: Line 1:
sudo allows you to assign/limit super-user privileges to users/groups.
sudo allows you to assign/limit super-user privileges to users/groups.
= Notes =
<blockquote>
{| class="wikitable"
|-
| [[sudo usage]]
|-
| [[sudo configuration]]
|-
| [[sudo troubleshooting]]
|-
|}
</blockquote><!-- Notes -->


= Usage =
= Usage =

Revision as of 21:09, 2 April 2022

sudo allows you to assign/limit super-user privileges to users/groups.

Notes

sudo usage
sudo configuration
sudo troubleshooting

Usage

Sudoers file Basics 

# visudo (/etc/sudoers)
will ALL=(ALL): ALL    # full sudo permissions to user
%group ALL=(ALL): ALL  # full sudo permissions to group members
superuser ALL=(ALL) NOPASSWD:ALL  # passwordless sudo

Run As user 

sudo  /bin/someprogram              # run someprogram as root
sudo -u gituser  /bin/someprogram   # Run Program as specific user
sudo -U gituser -l                  # list what sudo thinks user is allowed to do

Sudoers File

Basics

USER    HOST=(USER:GROUP)  ALLOWED_COMMANDS

USER localhost = \
    /bin/commandA, /bin/commandB   # can be split on multiple lines

USER

username     # username
#1001        # uid

%groupname   # groupname
%#1001       # gid

HOST

192.168.1.1              # ip address
myhostname               # hostname
hostA,10.10.10.10,hostC  # list of either

logic

%wheel,!willjp           # all members of wheel, but not willjp

aliased lists

If you find you are reusing a list of commands quite a lot, you can create a list of aliases. 

Cmnd_Alias  BACKUP = \
  /sbin/dump,\
  /sbin/restore,\
  /sbin/mt

willjp ALL=BACKUP     # allow willjp acess to /sbin/dump, /sbin/restore, /sbin/mt

References

https://www.youtube.com/watch?v=o0purspHg-o sudo: you're doing it wrong (talk by michael w lucas)
Retrieved from "http://willpittman.net:8080/index.php?title=Sudo&oldid=29525"