Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: grant sudo permission
Top Forums UNIX for Dummies Questions & Answers grant sudo permission Post 302524226 by fpmurphy on Sunday 22nd of May 2011 12:07:26 PM
Old 05-22-2011
It is quite simple. A few examples should clarify it for you.

You can grant users jelo and kiki full access to all privileged commands, with this /etc/sudoers entry.
Code:
jelo, kiki  ALL=(ALL) ALL

This is generally not a good idea because this allows jelo and kiki to use the su command to grant themselves permanent root privileges thereby bypassing the command logging features of sudo.

A better way is to grant access to specific program files. For example, this /etc/sudoers entry allows user jelo and all the members of the group operator to gain access to all the program files in the /sbin and /usr/sbin directories, plus the command /opt/oracle/check.pl. BTW, the trailing slash (/) is required to specify a directory location:
Code:
jelo, %operator ALL= /sbin/, /usr/sbin, /opt/oracle/check.pl

Read the sudo man page for more information. It is quite comprehensive.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Sudo permission issue

folks; How can i give a group a sudo permission to execute only some command "like start/stop Apache", so every user in that group can sudo to use this as himself, i mean when he tries to sudo, he will be asked for a password (and make it so he must use his own NT password not a generic one) then... (6 Replies)
Discussion started by: Katkota
6 Replies

2. UNIX for Dummies Questions & Answers

MySQL GRANT permission.

Hi, I'm one of a server administrators. I've the linux root account but I don't know the root password of MySQL (Server version: 5.0.32). I want to GRANT ALL PRIVILEGES to my MySQL account without changing the MySQL's root password. How can I do so? (0 Replies)
Discussion started by: mjdousti
0 Replies

3. Solaris

sudo permission

HI friends can i know how to assign sudo permission to normal user in solaris, and if not i want to assign few commands like format,user creation to normal user, i want to share few permission to normal user towork like a root in $ prompt. (2 Replies)
Discussion started by: kurva
2 Replies

4. UNIX for Dummies Questions & Answers

changing password with sudo user " permission denied"

HI All, I am using solaris i created a user adam and updated his permissions in vi sudoers file as follows adam ALL=(ALL) NOPASSWORD: ALL ........... when i create user by logging as sudo user . $ sudo useradd -d /home/kalyan -m -s /bin/sh kalyan sudo: not found ... (6 Replies)
Discussion started by: kalyankalyan
6 Replies

5. Solaris

sudo for permission kill -HUP

Hi, I'm trying to provide "/usr/bin/kill -HUP" command to one of the user using sudo file. I have configured sudo as following: $cat /etc/sudoers User_Alias AA=conadmin Cmnd_Alias KILL1=/usr/bin/kill -HUPAA ALL=NOPASSWD:KILL1 When I login as the user and execute 'sudo -l' command, it... (2 Replies)
Discussion started by: mohzub
2 Replies

6. Solaris

Can't sudo Using Group Permission

All: I'm having a problem with sudo on Solaris 5.10 that is giving me fits (and BTW, I'm a Linux admin by trade...). The issue is that I have a number of users (myself included) that cannot sudo to root to complete user admin tasks. Assuming the user is jdoe, and the group with the elevated... (3 Replies)
Discussion started by: rjlohman
3 Replies

7. HP-UX

Sudo entry required to set permission similar to ROOT without using password (PASSWD) change optio

Hi All I had installed sudo in HP UX 11.3 and it is working fine but not able to make entry required to set permission similar to ROOT without using password (PASSWD) change option for define user in /etc/sudoers file Please help if some know the syntex? :confused::wall: (2 Replies)
Discussion started by: deviltech
2 Replies

8. Solaris

Adding user with Sudo permission in solaris 9

How can I add user with Sudo permission in solaris 9 ? I'm new in Solaris (2 Replies)
Discussion started by: ahmednoaman
2 Replies

9. Shell Programming and Scripting

Executing bash file with sudo for the second time, leads to permission denied, for some commands

I have a script that checks if the script has been ran with sudo. If the script is not ran as sudo, the current script is being executed with exec sudo bash. You are asked for a password, you type in the password, success. Everything is perfect - the commands inside the script are ran as sudo.... (1 Reply)
Discussion started by: boqsc
1 Replies

10. AIX

Unable to set ACLs on sulog - need to grant read permission to a normal user on AIX 6.1

Hi, I need to grant read permission to a normal user on sulog file on AIX 6.1. As root I did acledit sulog and aclget shows "extended permissions" as "enabled" and normal user "splunk" has read permissions. When I try to access sulog as splunk user it won't allow and aclget for splunk user... (6 Replies)
Discussion started by: prvnrk
6 Replies

LEARN ABOUT DEBIAN

consolehelper

CONSOLEHELPER(8)					      System Manager's Manual						  CONSOLEHELPER(8)

NAME

       consolehelper - A wrapper that helps console users run system programs

SYNOPSIS

       progname [ options ]

DESCRIPTION

       consolehelper  is  a tool that makes it easy for console users to run system programs, doing authentication via PAM (which can be set up to
       trust all console users or to ask for a password at the system administrator's discretion).  When  possible,  the  authentication  is  done
       graphically; otherwise, it is done within the text console from which consolehelper was started.

       It  is  intended  to be completely transparent.	This means that the user will never run the consolehelper program directly.  Instead, pro-
       grams like /sbin/shutdown are paired with a link from /usr/bin/shutdown to /usr/bin/consolehelper.  Then when non-root users (specifically,
       users  without /sbin in their path, or /sbin after /usr/bin) call the "shutdown" program, consolehelper will be invoked to authenticate the
       action and then invoke /sbin/shutdown.  (consolehelper itself has no priviledges; it calls the userhelper(8) program do the real work.)

       consolehelper requires that a PAM configuration for every managed program exist.  So to make /sbin/foo or /usr/sbin/foo managed,  you  need
       to create a link from /usr/bin/foo to /usr/bin/consolehelper and create the file /etc/pam.d/foo, normally using the pam_console(8) PAM mod-
       ule.

OPTIONS

       This program has no command line options of its own; it passes all command line options on to the program it is calling.

SEE ALSO

       userhelper(8)

AUTHOR

       Michael K. Johnson <johnsonm@redhat.com>

Red Hat Software						   18 March 1999						  CONSOLEHELPER(8)
All times are GMT -4. The time now is 02:14 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy