Editing Sudoers file, what are the options?
Hi,
I am confused about editing Sudoers file as what to write and what not to? Can you please help me? I am trying to edit Sudoers for running few commands like copying, moving, listing, searching, creating, changing permissions on files and directories in the home directory for user e.g. a test user but i am not sure how to restrict the user action to a particular directory or restrict the commands all other commands except ls, cp, grep, wc, cat, touch, chmod, chown running at root level (e.g. rm -r command)? What would be the syntax? Thank you in advance. Shahmeer |
see here: http://www.garron.me/linux/visudo-co...lt-editor.html
do not edit that file directly, use visudo instead (http://linux.die.net/man/5/sudoers) |
Allowing a user to use cp, chmod or chown with sudo is basically the same as giving them your root password. The user is easily able to chmod or chown the sudoers-file or just copy over a already prepared sudoers file, giving himself or other users any permission he wants.
This is a serious security issue, don't even consider it. If you want to restrict the user's actions to a limited set of directories sudo is not the appropriate tool, you should use the permission system, in particular different user-groups for that. |
I think there is a misunderstanding. I don't think that shahmeer75 wants the testuser to modify / chown / rm etc the sudoers file.
Not familiar enough with sudoers to be of further help ;) |
Quote:
Therefore a different approach should be taken. Since shahmeer75 asks Quote:
@shahmeer75: Information about setting up sudo, file permissions and ACL |
All times are GMT -5. The time now is 01:31 PM. |