LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-27-2017, 09:03 AM   #16
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec, CANADA
Distribution: Arch
Posts: 1,234

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451

Quote:
Originally Posted by sunilchand View Post
Yes, I understand that it's not good to change uid and gid value. It's rather to choose "Sudoers" file for the same.I have changed privilege of any user by editing this User1 ALL= (ALL: ALL) ALL.. Something like that.. But I want this command for some specific command not for all command.. How to do that?
Hi again sunilchand ... The usual way to use sudo is with the wheel group. Any user you want to be able to use the sudo command should be added to the group named "wheel". Then, edit the sudoers file (be careful to follow your distro's instructions on how to do this - should only be done with the visudo command) and uncomment the line giving members of the wheel group sudo privileges. This makes it easier thereafter to manage users' sudo privileges by simply adding them or deleting them from the wheel group.

Hope this helps.

Cheers :-)
 
Old 01-27-2017, 10:29 AM   #17
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137
Quote:
Originally Posted by Rickkkk View Post
Hi again sunilchand ... The usual way to use sudo is with the wheel group. Any user you want to be able to use the sudo command should be added to the group named "wheel". Then, edit the sudoers file (be careful to follow your distro's instructions on how to do this - should only be done with the visudo command) and uncomment the line giving members of the wheel group sudo privileges. This makes it easier thereafter to manage users' sudo privileges by simply adding them or deleting them from the wheel group.

Hope this helps.

Cheers :-)
He said he wants to give sudo permission for a specific command, not all commands. The entire concept of giving a regular user unlimited sudo access is a security problem and should be avoided, "wheel" group or otherwise.

OP - There are hundreds of guides online that go through the sudo syntax, any one of which should let you accomplish your goal. Eg:
http://unix.stackexchange.com/questi...-to-add-a-user
 
1 members found this post helpful.
Old 01-27-2017, 11:26 AM   #18
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec, CANADA
Distribution: Arch
Posts: 1,234

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Quote:
Originally Posted by suicidaleggroll View Post
He said he wants to give sudo permission for a specific command, not all commands. The entire concept of giving a regular user unlimited sudo access is a security problem and should be avoided, "wheel" group or otherwise.

OP - There are hundreds of guides online that go through the sudo syntax, any one of which should let you accomplish your goal. Eg:
http://unix.stackexchange.com/questi...-to-add-a-user
suicidaleggroll ... I was approaching the OP's question with the understanding that the user for which the sudo access was required was not a "regular" user, but someone with an administrator role. If I misinterpreted the issue and this is not the case, I agree with your point.

Cheers,
 
Old 01-27-2017, 02:11 PM   #19
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137
Quote:
Originally Posted by Rickkkk View Post
suicidaleggroll ... I was approaching the OP's question with the understanding that the user for which the sudo access was required was not a "regular" user, but someone with an administrator role.
By "regular user" I mean a regular user account, aka anyone other than root. It doesn't matter if the person in control of that account is a user or an admin. There are special safeguards in place to lock down the root account, these safeguards do not apply to user accounts. Things like refusing to run web browsers as root, refusing to log into the GUI as root, disabled remote SSH access to the root account, etc. When a user account has full sudo access, they essentially become root, and these safeguards become null and void.

Last edited by suicidaleggroll; 01-27-2017 at 02:13 PM.
 
1 members found this post helpful.
Old 01-27-2017, 04:21 PM   #20
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec, CANADA
Distribution: Arch
Posts: 1,234

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Quote:
Originally Posted by suicidaleggroll View Post
By "regular user" I mean a regular user account, aka anyone other than root. It doesn't matter if the person in control of that account is a user or an admin. There are special safeguards in place to lock down the root account, these safeguards do not apply to user accounts. Things like refusing to run web browsers as root, refusing to log into the GUI as root, disabled remote SSH access to the root account, etc. When a user account has full sudo access, they essentially become root, and these safeguards become null and void.
Well explained, thanks - I was not thinking of those particular safeguards when responding.

Cheers :-)
 
Old 01-27-2017, 09:09 PM   #21
Ratamahatta
Member
 
Registered: Feb 2012
Location: Germany
Distribution: siduction
Posts: 109

Rep: Reputation: 13
Funny... found this: Setting up user to use sudo for specific commands - What a strange website!
 
Old 01-27-2017, 11:01 PM   #22
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,511

Rep: Reputation: 1007Reputation: 1007Reputation: 1007Reputation: 1007Reputation: 1007Reputation: 1007Reputation: 1007Reputation: 1007
I didn't know you can have two root accounts. There's a man file for 'sudoers'. It's worth reading.
 
  


Reply

Tags
privileges, root


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
usr added to wheel group but isn't allowed root privileges jus71n742 *BSD 7 06-11-2009 05:52 PM
Giving a user Admin Privileges wildcat22 Ubuntu 4 08-07-2008 08:12 AM
Linux - How to add a new user with the same root/super-user's privileges? asgarcymed Linux - General 8 12-23-2006 08:45 PM
Giving root privileges to another user BlackJackal Mandriva 5 10-19-2005 02:03 PM
Giving a User Root Privileges lawrencegoodman Linux - Newbie 4 12-23-2003 05:41 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration