Difference between revisions of "Sudoers"
(Started article) |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | |||
− | |||
'''sudoers''' is a [[:Category:Linux Files|file]] (typically located at <code>/etc/sudoers</code>) containing a list of which users may execute what and various other rules. | '''sudoers''' is a [[:Category:Linux Files|file]] (typically located at <code>/etc/sudoers</code>) containing a list of which users may execute what and various other rules. | ||
Line 42: | Line 40: | ||
</pre> | </pre> | ||
− | == External links == | + | ==Miscellaneous== |
− | * [http://www.courtesan.com/sudo/man/sudoers.html The Sudoers Manual] | + | Create your own custom prompt: |
+ | $ echo 'Defaults passprompt="MY LAUNCH CODE: "' > /etc/sudoers.d/custom_prompt | ||
+ | |||
+ | ==See also== | ||
+ | *[[sudo]] | ||
+ | *[[visudo]] | ||
+ | |||
+ | ==External links== | ||
+ | *[http://www.courtesan.com/sudo/man/sudoers.html The Sudoers Manual] | ||
[[Category:Linux Files]] | [[Category:Linux Files]] | ||
[[Category:Linux Command Line Tools]] | [[Category:Linux Command Line Tools]] |
Latest revision as of 11:29, 7 July 2014
sudoers is a file (typically located at /etc/sudoers
) containing a list of which users may execute what and various other rules.
The sudoers
file is composed of two types of entries: aliases (basically variables) and user specifications (which specify who may run what).
When multiple entries match for a user, they are applied in order. Where there are conflicting values, the last match is used (which is not necessarily the most specific match).
Example file
Since the sudoers file is parsed in a single pass, order is important. In general, you should structure sudoers such that the Host_Alias
, User_Alias
, and Cmnd_Alias
specifications come first, followed by any Default_Entry
lines, and finally the Runas_Alias
and user specifications. The basic rule of thumb is you cannot reference an Alias that has not already been defined.
Below are example sudoers entries:
User_Alias FULLTIMERS = millert, mikef, dowdy User_Alias PARTTIMERS = bostley, jwfox, crawl User_Alias WEBMASTERS = will, wendy, wim Runas_Alias OP = root, operator Runas_Alias DB = oracle, sybase Host_Alias SPARC = bigtime, eclipse, moet, anchor :\ SGI = grolsch, dandelion, black :\ ALPHA = widget, thalamus, foobar :\ HPPA = boa, nag, python Host_Alias CUNETS = 128.138.0.0/255.255.0.0 Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0 Host_Alias SERVERS = master, mail, www, ns Host_Alias CDROM = orion, perseus, hercules Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ /usr/sbin/restore, /usr/sbin/rrestore Cmnd_Alias KILL = /usr/bin/kill Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown Cmnd_Alias HALT = /usr/sbin/halt Cmnd_Alias REBOOT = /usr/sbin/reboot Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \ /usr/local/bin/tcsh, /usr/bin/rsh, \ /usr/local/bin/zsh Cmnd_Alias SU = /usr/bin/su
Miscellaneous
Create your own custom prompt:
$ echo 'Defaults passprompt="MY LAUNCH CODE: "' > /etc/sudoers.d/custom_prompt