Editing Sudoers, what are the options?

S

shahmeer75

Guest
Hi,

I am confused about editing Sudoers file as what to write and what not to? Can you please help me?

I am trying to edit Sudoers for running few commands like copying, moving, listing, searching, creating, changing permissions on files and directories in the home directory for user e.g. a test user but i am not sure how to restrict the user action to a particular directory or restrict the commands all other commands except ls, cp, grep, wc, cat, touch, chmod, chown running at root level (e.g. rm -r command)? What would be the syntax?

Thank you in advance.

Shahmeer
 


Hi,

a normal user only can damaged his own files in his own home directory but if you want to permit him to execute commands like a root (dangerous thing) you should edit sudoers.

Example: permit a user test to rebbot the server:

edit /etc/sudoers with visudo

#visudo

add the line:

test ALL = NOPASSWD: /sbin/reboot


test> sudo reboot

Remenber to use complete path to the comands (#which reboot) in /etc/sudoers.


Regards.
 
Shahmeer if you let the user run chmod then they can make everything belong to them. Then they can quite happily rm -r as their own user.

Also chmod -R / 755 is plenty destructive to the system in itself. If you don't trust them don't allow them to execute above user level.
 

Staff online


Top