LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-13-2011, 12:04 PM   #16
mansour
Member
 
Registered: Nov 2010
Location: Toronto, Canada
Distribution: Ubuntu 10.04 Lucid Lynx - Ubuntu 10.10 notebook - Debian 5.08 - Win XP
Posts: 172

Original Poster
Rep: Reputation: 2

Quote:
Originally Posted by SL00b View Post
Apparently you're not using visudo to edit this. The syntax of your statement "SUDOMODIFIERS All= SUDOCMDS" looks strange, because the spaces are off around the = sign and the "All" is mixed case. So I opened my sudoers file in visudo, and while it didn't mind the spacing, it did mind the mixed case. When I changed "All" to all caps, it was fine. Try making that fix yourself and see how it works out. Also, use visudo to edit it, instead of vi/vim.

As mentioned before, you can't use sudo to control access to individual files, because sudo only focuses on rights to execute programs, so the references to /etc/passwd and /etc/group can be removed. That means that all you're trying to accomplish here is to grant two users access to the shutdown command, which can be accomplished a lot simpler. Just create a user group (for the purposes of this example, we'll call it "shutdown"), and add this line to the user privilege section:

Code:
# User privilege specification
root    ALL=(ALL) ALL
%shutdown       ALL = /sbin/shutdown
The Cmnd Alias specifications are all well and good when you need to grant users access to long lists of commands, but since you're only doing one here, it's overkill.

Hello SL00b:


I actually always use sudo visudo for editing the sudoers file.
And thank you very much for the accurate observation. Everybody else missed it, yes, indeed it was all because of "All" instead of "ALL" as you mentioned above.

Everything is working now.
My new user "bob" now can shut down, and can even access the /etc/passwd file, or add users,..., or even modify sudoers file.



I used the /usr/sbin/passwd following this example for Command Alias from the link below about sudoers file. This is an ubuntu community Guide so must be credible.

https://help.ubuntu.com/community/Sudoers



Cmnd_Alias ADMIN_CMDS = /usr/sbin/passwd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod, /usr/sbin/visudo



mansour

Last edited by mansour; 04-13-2011 at 12:24 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Is it possible to run the interfaces file after modifying? nhammoud Linux - Networking 4 01-27-2011 11:14 AM
[SOLVED] Can't Execute Commands as sudo Nor Access Sudoers File in Mandriva 2010.1 gdawg Linux - Newbie 4 08-17-2010 02:32 PM
Where is the log file for all commands that have been run? byronk Linux - General 3 04-06-2006 03:42 PM
I deleted /etc/sudoers and creates a new file call sudoers but now it doesnt for visu abefroman Linux - Software 1 11-10-2005 06:03 PM
Allowing users to run commands davee Linux - Security 1 01-27-2003 06:54 AM


All times are GMT -5. The time now is 05:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration