Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
01-27-2017, 08:03 AM
|
#16
|
|
Senior Member
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
|
Quote:
Originally Posted by sunilchand
Yes, I understand that it's not good to change uid and gid value. It's rather to choose "Sudoers" file for the same.I have changed privilege of any user by editing this User1 ALL= (ALL: ALL) ALL.. Something like that.. But I want this command for some specific command not for all command.. How to do that?
|
Hi again sunilchand ... The usual way to use sudo is with the wheel group. Any user you want to be able to use the sudo command should be added to the group named "wheel". Then, edit the sudoers file (be careful to follow your distro's instructions on how to do this - should only be done with the visudo command) and uncomment the line giving members of the wheel group sudo privileges. This makes it easier thereafter to manage users' sudo privileges by simply adding them or deleting them from the wheel group.
Hope this helps.
Cheers :-) |
|
|
|
|
01-27-2017, 09:29 AM
|
#17
|
|
LQ Guru
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573
|
Quote:
Originally Posted by Rickkkk
Hi again sunilchand ... The usual way to use sudo is with the wheel group. Any user you want to be able to use the sudo command should be added to the group named "wheel". Then, edit the sudoers file (be careful to follow your distro's instructions on how to do this - should only be done with the visudo command) and uncomment the line giving members of the wheel group sudo privileges. This makes it easier thereafter to manage users' sudo privileges by simply adding them or deleting them from the wheel group.
Hope this helps.
Cheers :-)
|
He said he wants to give sudo permission for a specific command, not all commands. The entire concept of giving a regular user unlimited sudo access is a security problem and should be avoided, "wheel" group or otherwise.
OP - There are hundreds of guides online that go through the sudo syntax, any one of which should let you accomplish your goal. Eg:
http://unix.stackexchange.com/questi...-to-add-a-user |
|
|
1 members found this post helpful.
|
|
01-27-2017, 10:26 AM
|
#18
|
|
Senior Member
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
|
Quote:
Originally Posted by suicidaleggroll
He said he wants to give sudo permission for a specific command, not all commands. The entire concept of giving a regular user unlimited sudo access is a security problem and should be avoided, "wheel" group or otherwise.
OP - There are hundreds of guides online that go through the sudo syntax, any one of which should let you accomplish your goal. Eg:
http://unix.stackexchange.com/questi...-to-add-a-user |
suicidaleggroll ... I was approaching the OP's question with the understanding that the user for which the sudo access was required was not a "regular" user, but someone with an administrator role. If I misinterpreted the issue and this is not the case, I agree with your point.
Cheers, |
|
|
|
|
01-27-2017, 01:11 PM
|
#19
|
|
LQ Guru
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573
|
Quote:
Originally Posted by Rickkkk
suicidaleggroll ... I was approaching the OP's question with the understanding that the user for which the sudo access was required was not a "regular" user, but someone with an administrator role.
|
By "regular user" I mean a regular user account, aka anyone other than root. It doesn't matter if the person in control of that account is a user or an admin. There are special safeguards in place to lock down the root account, these safeguards do not apply to user accounts. Things like refusing to run web browsers as root, refusing to log into the GUI as root, disabled remote SSH access to the root account, etc. When a user account has full sudo access, they essentially become root, and these safeguards become null and void.
Last edited by suicidaleggroll; 01-27-2017 at 01:13 PM.
|
|
|
1 members found this post helpful.
|
|
01-27-2017, 03:21 PM
|
#20
|
|
Senior Member
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
|
Quote:
Originally Posted by suicidaleggroll
By "regular user" I mean a regular user account, aka anyone other than root. It doesn't matter if the person in control of that account is a user or an admin. There are special safeguards in place to lock down the root account, these safeguards do not apply to user accounts. Things like refusing to run web browsers as root, refusing to log into the GUI as root, disabled remote SSH access to the root account, etc. When a user account has full sudo access, they essentially become root, and these safeguards become null and void.
|
Well explained, thanks - I was not thinking of those particular safeguards when responding.
Cheers :-) |
|
|
|
|
01-27-2017, 08:09 PM
|
#21
|
|
Member
Registered: Feb 2012
Location: Germany
Distribution: siduction
Posts: 134
Rep: 
|
|
|
|
|
|
01-27-2017, 10:01 PM
|
#22
|
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
I didn't know you can have two root accounts. There's a man file for 'sudoers'. It's worth reading.
|
|
|
|
All times are GMT -5. The time now is 05:58 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
