|
|
Line 14: |
Line 14: |
| </blockquote><!-- Notes --> | | </blockquote><!-- Notes --> |
|
| |
|
|
| |
| = Sudoers File =
| |
| <blockquote>
| |
|
| |
| == Basics ==
| |
| <source lang="ini">
| |
| USER HOST=(USER:GROUP) ALLOWED_COMMANDS
| |
|
| |
| USER localhost = \
| |
| /bin/commandA, /bin/commandB # can be split on multiple lines
| |
| </source>
| |
|
| |
| === USER ===
| |
| <source lang="bash">
| |
| username # username
| |
| #1001 # uid
| |
|
| |
| %groupname # groupname
| |
| %#1001 # gid
| |
|
| |
| </source>
| |
|
| |
| === HOST ===
| |
| <source lang="bash">
| |
| 192.168.1.1 # ip address
| |
| myhostname # hostname
| |
| hostA,10.10.10.10,hostC # list of either
| |
| </source>
| |
|
| |
| == logic ==
| |
| <source lang="bash">
| |
| %wheel,!willjp # all members of wheel, but not willjp
| |
| </source>
| |
|
| |
| == aliased lists ==
| |
| If you find you are reusing a list of commands quite a lot, you can create a list of aliases.
| |
|
| |
| <source lang="bash">
| |
| Cmnd_Alias BACKUP = \
| |
| /sbin/dump,\
| |
| /sbin/restore,\
| |
| /sbin/mt
| |
|
| |
| willjp ALL=BACKUP # allow willjp acess to /sbin/dump, /sbin/restore, /sbin/mt
| |
| </source>
| |
| </blockquote><!-- Sudoers file -->
| |
|
| |
|
| = References = | | = References = |
Revision as of 21:12, 2 April 2022
sudo allows you to assign/limit super-user privileges to users/groups.
Notes
References