Sudo: Difference between revisions

From wikinotes
No edit summary
No edit summary
Line 14: Line 14:
</blockquote><!-- Notes -->
</blockquote><!-- Notes -->


= Usage =
<blockquote>
Sudoers file Basics
<source lang="bash">
# visudo (/etc/sudoers)
will ALL=(ALL): ALL    # full sudo permissions to user
%group ALL=(ALL): ALL  # full sudo permissions to group members
superuser ALL=(ALL) NOPASSWD:ALL  # passwordless sudo
</source>
Run As user
<source lang="bash">
sudo  /bin/someprogram              # run someprogram as root
sudo -u gituser  /bin/someprogram  # Run Program as specific user
sudo -U gituser -l                  # list what sudo thinks user is allowed to do
</source>
</blockquote><!-- Usage -->


= Sudoers File =
= Sudoers File =

Revision as of 21:12, 2 April 2022

sudo allows you to assign/limit super-user privileges to users/groups.

Notes

sudo usage
sudo configuration
sudo troubleshooting


Sudoers File

Basics

USER    HOST=(USER:GROUP)  ALLOWED_COMMANDS

USER localhost = \
    /bin/commandA, /bin/commandB   # can be split on multiple lines

USER

username     # username
#1001        # uid

%groupname   # groupname
%#1001       # gid

HOST

192.168.1.1              # ip address
myhostname               # hostname
hostA,10.10.10.10,hostC  # list of either

logic

%wheel,!willjp           # all members of wheel, but not willjp

aliased lists

If you find you are reusing a list of commands quite a lot, you can create a list of aliases. 

Cmnd_Alias  BACKUP = \
  /sbin/dump,\
  /sbin/restore,\
  /sbin/mt

willjp ALL=BACKUP     # allow willjp acess to /sbin/dump, /sbin/restore, /sbin/mt

References

https://www.youtube.com/watch?v=o0purspHg-o sudo: you're doing it wrong (talk by michael w lucas)
Retrieved from "http://willpittman.net:8080/index.php?title=Sudo&oldid=29527"