Editing Sudoers, what are the options?

Discussion in 'Command Line' started by shahmeer75, Aug 17, 2012.

  1. shahmeer75

    shahmeer75 New Member

    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Hi,

    I am confused about editing Sudoers file as what to write and what not to? Can you please help me?

    I am trying to edit Sudoers for running few commands like copying, moving, listing, searching, creating, changing permissions on files and directories in the home directory for user e.g. a test user but i am not sure how to restrict the user action to a particular directory or restrict the commands all other commands except ls, cp, grep, wc, cat, touch, chmod, chown running at root level (e.g. rm -r command)? What would be the syntax?


    Thank you in advance.

    Shahmeer
  2. devnull

    devnull New Member

    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    0
    Hi,

    a normal user only can damaged his own files in his own home directory but if you want to permit him to execute commands like a root (dangerous thing) you should edit sudoers.

    Example: permit a user test to rebbot the server:

    edit /etc/sudoers with visudo

    #visudo

    add the line:

    test ALL = NOPASSWD: /sbin/reboot


    test> sudo reboot

    Remenber to use complete path to the comands (#which reboot) in /etc/sudoers.


    Regards.
  3. Ell

    Ell New Member

    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    0
    Shahmeer if you let the user run chmod then they can make everything belong to them. Then they can quite happily rm -r as their own user.

    Also chmod -R / 755 is plenty destructive to the system in itself. If you don't trust them don't allow them to execute above user level.

Share This Page