Filtering of Users in Sudoers File

Vineeth Zacharia · 11-07-2013, 01:14 AM

I have four users :

admin1_user
admin2_user
gen1_user
gen2_user

admin1_user & admin2_user are in USER_ALIAS admin. gen1_user & gen2_user are in USER_ALIAS general.

How can I achieve the following criteria so that I can make changes in sudoers file:

"admin" should have all root access and can access every other user in admin as well as in general.
"general" should only be able to access users in general and shouldn't be able to access root as well as users in admin.

For eg : from admin1_user ---> he should be able to :

sudo su -

sudo su - admin2_user

sudo su - gen1_user etc.

& from gen1_user ---> he should be able to :

sudo su - gen2_user

& not allow the following :

sudo su -

sudo su - admin1_user

sudo su - admin2_user

andrewthomas · 11-07-2013, 07:19 PM

Have you read the man pages?

http://manpages.ubuntu.com/manpages/...sudoers.5.html

http://manpages.ubuntu.com/manpages/...n8/sudo.8.html