![]() If you’re working with multiple users, understanding the sudo command and the sudoers file is an absolute must. As Marcos says, your main problem here is that source is a shell builtin command that affects only the shell process in which its run. Now the user bill will be able to run the tcpdump command along with other networking related commands. ![]() Next we add user bill to the netadmin group: sudo adduser bill netadmin ![]() The command tcpdump is under CAPTURE alias i.e. NETALL in turn include all commands under CAPTURE and SERVERS aliases. Users in the netadmin group can run commands specified in NETALL. What we have done in the above file is create a netadmin group. Use the following command to create the file: sudo visudo -f /etc/sudoers.d/networkingĪdd following text in the file: Cmnd_Alias CAPTURE = /usr/sbin/tcpdumpĬmnd_Alias SERVERS = /usr/sbin apache2ctl, /usr/bin/htpasswd To do so we create a configuration file in /etc/sudoers.d/ called networking. What if we want bill to be able to run only specific kinds of commands with sudo privileges, like networking? Step2.1 Switch to root user Step2.2 Run /usr/bin/sudo command to check whether its working or not Step2.3 Edit /etc/environment file and add /usr/bin. Use the Sudoers File to Grant Specific Privileges Sudo is not a standard part of all Unix distributions. Now the user bill can no longer perform actions that require sudo privileges. Sudo may already be installed on your Unix system since it is included in many distributions by default. The deluser command will remove bill from the sudo group. To remove a user from sudo: deluser bill sudo If you want to give anyone root privileges just add them to sudo. If we use the grep command to check who is in the group, we’ll see the username bill. To add a user called bill to the sudo group, we use the adduser command in the command line, like so: adduser bill sudo To see which users are in the sudo group we can use a grep command: grep ‘sudo’ /etc/group Visudo makes sure that sudoers is edited by one user at a time and provides necessary syntax checks. It is recommended to use visudo to edit the sudoers file. ![]() To edit /etc/sudoers file, use following command: sudo visudo -f /etc/sudoers
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |