Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Addsudoers: A script to add users or groups into /etc/sudoers
Top Forums Shell Programming and Scripting Addsudoers: A script to add users or groups into /etc/sudoers Post 302531946 by admin_xor on Saturday 18th of June 2011 08:06:59 PM
Old 06-18-2011
Bug
Quote:
Originally Posted by Corona688
Why edit groups into sudoers instead of adding users to groups? Let the login system do the legwork.
Uhhh...Well, we do not edit "groups" into sudoers. What we do is that we create an alias which is in turn a simple variable that holds a list of users. Thus, gives you extra flexibility on grouping your users depending on how they are going to use the system.

You can create a separate group of user, then assign that group in sudoers file with the commands and other stuffs. Or, you can create a User_Alias and add the users in that alias. It's upto you and your organization's policy. Both are possible.

Correct me if I'm wrong. Smilie
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

Users and groups

Hi, Is it possible that one user belongs to many groups, or the relation of user/group is 1/1?. Thanks Ramón (2 Replies)
Discussion started by: rsanz
2 Replies

2. Linux

listing users and groups

RH 7.2 I'm trying to list the users & groups on my machine. I found the lsuser & lsgroup commands but no associated man pages. I typed: lsuser I get --> Valid options are: -a So I typed: lsuser -a I get --> Valid options are: groups, home So I typed: lsuser -a groups I get -->... (2 Replies)
Discussion started by: jalburger
2 Replies

3. UNIX for Dummies Questions & Answers

users and groups

hi eveyone i've recently requested my unix admin to create a userid for 2 groups. He created the id and i can see it by grep "id" /etc/group. But when i login with that id into unix and try to cd that group it says permission denied. something like cd /groupname -- permission denied Can my admin... (1 Reply)
Discussion started by: sammet
1 Replies

4. Shell Programming and Scripting

Removing users from sudoers - help needed

I'm trying to create a script to remove users from sudoers on multiple servers. I'm able to do this with a one-line script using sed, but only if it's on one server. Example: sed '/someuser/d' /host/local/etc/sudoers Also, I think the problem with this one-line script is that I would have to... (4 Replies)
Discussion started by: em23
4 Replies

5. Solaris

sudoers file with groups in LDAP

Hello gurus, I've been working on a sudoers file to work with groups in LDAP. I've created the groups in LDAP and added the users to there respective groups. I've also setup my sudoers file to have the groups match what is in LDAP. And I've added ldap to nsswitch.conf in the group line. The... (6 Replies)
Discussion started by: em23
6 Replies

6. Shell Programming and Scripting

shell script to find unowned users and groups

Hello, I am new to Unix and shell scripting. I am trying to find unowned files and groups on my servers. I know, i could use the below command to find it on individual server. #find / -nouser -o -nogroup -print But I was wondering, if someone could help with a shell script so that I can... (2 Replies)
Discussion started by: ut916
2 Replies

7. Shell Programming and Scripting

Shell script for to view all users & groups history in root

Dear All, I want to know all users & group history in one file, for root terminal through shell or any other option (5 Replies)
Discussion started by: kpoobathi
5 Replies

8. Shell Programming and Scripting

Script to read through a file and create new users/assign them to groups in Ubuntu

Hi all. I need a shell script that can, in short, read through a text file line by line and create a new user in Ubuntu, as well as assign that user to a group. The format of the text file is not important but preferably: 'username:group'. I don't have much programming knowledge no matter shell... (3 Replies)
Discussion started by: LewisWeekly
3 Replies

9. Red Hat

How to disable sudo -i in sudoers file for users?

All, I need to disable "sudo -i" and "su - " for all servers in our environment, We want to make sure no one run commands or delete files across environment using switching to root account. can you guys please lets me know if this is achievable. Thanks and Regards shekar (2 Replies)
Discussion started by: shekar777
2 Replies

10. UNIX for Beginners Questions & Answers

How to write a UNIX script to send a mail to the respective individual users about their groups?

Hi Team, I got a requirement to send a mail to the individual users of a unix server about their respective groups. can some one help me to provide the script as I am unable to write that. I tried with below lines but I come out with errors. cat /etc/passwd | awk -F':' '{ print $1}' |... (6 Replies)
Discussion started by: harshabag
6 Replies

LEARN ABOUT DEBIAN

0store-secure-add

0STORE-SECURE-ADD(1)													      0STORE-SECURE-ADD(1)

NAME

       0store-secure-add -- add an implementation to the system cache

SYNOPSIS

       0store-secure-add DIGEST

DESCRIPTION

       This  command  imports  the  current  directory	into  the  system-wide	shared	Zero Install cache, as /var/cache/0install.net/implementa-
       tions/DIGEST.  This allows a program downloaded by one user to be shared with other users.

       The current directory must contain a file called '.manifest' listing all the files to be added (in the format required by DIGEST), and this
       file  must have the given digest. If not, the import is refused. Therefore, it is only possible to add a directory to the cache if its name
       matches its contents.

       It is intended that it be safe to grant untrusted users permission to call this command with elevated  privileges.  To  set  this  up,  see
       below.

SETTING UP SHARING

       To enable sharing, the system administrator should follow these steps:

       Create a new system user to own the cache:

       adduser --system zeroinst

       Create the shared directory, owned by this new user:

       mkdir /var/cache/0install.net

       chown zeroinst /var/cache/0install.net

       Use visudo(8) to add these lines to /etc/sudoers:

       Defaults>zeroinst env_reset,always_set_home

       ALL ALL=(zeroinst) NOPASSWD: /usr/bin/0store-secure-add

       Create a script called 0store-secure-add-helper in PATH to call it. This script must be executable and contain these two lines:

       #!/bin/sh

       exec sudo -S -u zeroinst /usr/bin/0store-secure-add "$@" < /dev/null

       The other Zero Install programs will call this helper script automatically.

FILES

       /var/cache/0install.net/implementations
	      System-wide Zero Install cache.

LICENSE

       Copyright (C) 2009 Thomas Leonard.

       You may redistribute copies of this program under the terms of the GNU Lesser General Public License.

BUGS

       This program is EXPERIMENTAL. It has not been audited. Do not use it yet in security-critial environments.

       The env_reset line in sudoers may not be required. sudo(1) seems to do it automatically.

       If  sudo  let us check whether we could call a command then we could switch to using it automatically, instead of needing to add the helper
       script. Currently, sudo delays for one second and writes to auth.log if we try to use this system when it hasn't been set up.

       Please report bugs to the developer mailing list:

       http://0install.net/support.html

AUTHOR

       Zero Install was created by Thomas Leonard.

SEE ALSO

       0store(1)

       The Zero Install web-site:

       http://0install.net

Thomas Leonard							       2010						      0STORE-SECURE-ADD(1)
All times are GMT -4. The time now is 04:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy