Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I need information on sudo, well coming to the point, I have a user named user1, and I want to assing him few privileges, that is I want him to assign few commands so that he can execute the commands in my absence.
I have opened the suoders file with visudo, however, when I did some googling, I found that (username ALL=ALL), but I don't want to assign him the root privileges, instead I want to assign him only few commands, say like creating a parition using fdisk and all.
What I know: I understand that I need to search the path of the particular command(which fdisk)and put it into visudo file, however, what i want to know is where and how to (syntax) insert the line in the sudoers file.
You can also split the specifications up using User_Alias and Cmnd_Alias to make it a little easier to organize.
Here is a contrived example for ya'.
Code:
### User Aliases
## This is a list of users that have the ability to sudo the same commands.
User_Alias USERLST1=user1,user2
## This group has the ability to sudo the same commands.
## 'webadmgp' is a primary or secondary group that some of your users have.
User_Alias WEBGROUP=%webadmgp
### Command Aliases
## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
## Webadmin
Cmnd_Alias WEBADMIN = /etc/rc.d/init.d/httpd
### The Commands Section
## The USERLST1 users (user1 and user2) can sudo all the commands listed in Cmnd_Alias STORAGE.
## They don't need to enter a password.
USERLST1 ALL=NOPASSWD: STORAGE
## The WEBGROUP users (every user that has 'webadmgp' as a primary or secondary group)
## can sudo all of the commands listed in the NETWORKING an WEBADMIN Cmnd_Alias lists.
## They don't need to enter a password either.
WEBGROUP ALL=NOPASSWD: NETWORKING,WEBADMIN
Where things go doesn't seem to be important.
When you save the file, 'visudo' will tell you if you have a syntax error or some inconsistancy.
And be careful if you cut and paste into the file. If you cut a single long line that has wrapped on your screen, it'll paste in as multiple lines. When you file, 'visudo' will complain...
Last edited by tommylovell; 10-10-2009 at 09:24 AM.
Reason: addl. info
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.