Sudoers Typical Example
I've never used sudo (I've always used su -) and now have to set it so users can use MySQL Workbench (it seems pretty Ubuntu-heavy).
Anyway, reading the manual page has left me... well, confused-ish. Is there a simple example of what goes in that file that's functionally equivalent to su -? Don't wanna be an expert, just want to use for this one purpose. Thanks. |
Quote:
Assumed that you have /etc/sudoers file because it is ubuntu. Edit this to fix some sudo user. |
http://www.linuxquestions.org/questi...do-4175438403/
So to allow a root shell you could provide "/bin/sh" or "/bin/su -" as commands. To allow specific commands that do not allow a root shell you need to be very selective about what you allow (for instance most commands that write files once you've enabled them to write files as root have potential for changing security-related configuration). |
Yes, it left me feeling that way too. I can't help but think the guy who wrote that man-page was more interested in showing us how clever he was rather than communicating how to actually use the damn thing.
Anyway, it's a little more complicated than this, but the basics can be summarised as: who where=(as) options what who can run what command(s) as which user(s), on where 'who', 'where' and 'as' and even 'what' can be specified as 'ALL' meaning any user, any host, any command etc. e.g. gazl ALL=(build) NOPASSWD: /home/build/kernel.SlackBuild User gazl can run /home/build/kernel.SlackBuild as user 'build' on any host(*) without specifying a password. Rather than read the man-page, you're better off just looking at the examples in the suders file itself, then come back and re-read the man page once you've got the basics down. (*) sudo is not network aware, it simply allows you to share one sudoers rule file across your network and have certain rules apply to certain hosts. |
OK, so I added
Code:
trona ALL=(ALL) ALL That solved one problem with getting MySQL Workbench going (it doesn't say that I'm not in "sudoers" any more anyway) but I can't start the "database server instance" for some reason or other; that's going to take some digging in the MySQL Workbench documentation, methinks. Oh, well. Thanks for your input. |
All times are GMT -5. The time now is 03:42 AM. |