Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict SUDO Access
Operating Systems Linux Ubuntu Restrict SUDO Access Post 302601911 by explorer007 on Friday 24th of February 2012 09:39:03 PM
Old 02-24-2012
Restrict SUDO Access
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Hi Folks,

Please help me. I am bit struck here.

Here is the OS info.
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux

I have a user Alex( userif alex:admin) and trying to grant him sudo access to a userid (cbttest:sytgrp) i.e granting sudo to ID cbttest

I have added the following info to /etc/sudoers file.

alex ALL=(cbttest:sytgrp) ALL

It was working fine, alex was able to sudo to cbttest.

Now I want to restrict alex not to execute passwd change so tried the below options none worked.

alex ALL=(cbttest:sytgrp) ALL, !/usr/bin/passwd

Cmnd_Alias PASSWD=/usr/bin/passwd
alex ALL=(cbttest:sytgrp) ALL, !PASSWD

alex ALL=(cbttest:sytgrp) !/usr/bin/passwd

alex ALL=(cbttest:sytgrp) ALL, !/usr/bin/pass*

none of the above options worked. Please helpme in restricting the user to execute all like cbttest except passwd
This User Gave Thanks to explorer007 For This Post:
daWonderer
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Apache restrict access with certificates

Hello! Does anyone know if it's possible to restrict access to apache webserver with certificates? What I want is that if a user has a certificate in his browser then he get's access, if not show error or another page. I would be very happy if someone knew! /D (2 Replies)
Discussion started by: Esaia
2 Replies

2. UNIX for Advanced & Expert Users

Restrict access to specific users.

Hi All! I would like to know if there is any specific way by which I can restrict access to apecific users (ip addresses). OS : Red hat linux Thanks! nua7 (6 Replies)
Discussion started by: nua7
6 Replies

3. UNIX for Advanced & Expert Users

Restrict Access to the folder

Hi I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders. /export/home/kapil/shared, /export/home/kapil/shared/Folder1 /export/home/kapil/shared/Folder2 These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies

4. Linux

Restrict NFS access to root

Hi Everybody, If there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of one particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able... (4 Replies)
Discussion started by: sudhirav
4 Replies

5. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

6. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

7. Shell Programming and Scripting

Restrict access to .ksh scripts

Hi, How to restrict access to a .ksh script in such the way that the users can only execute the script, neither read nor write. I tried the below code so that my user alone has the rwx and other users can only execute. chmod 711 sample.ksh But when I logged in as a different user... (26 Replies)
Discussion started by: machomaddy
26 Replies

8. Solaris

restrict sudo and chown in specified directory

Hi Dears, I have one requirement like this: general user A can execute command C with root privilege by sudo configuration some folders and files are created during the command C execution user A cannot access those folders and files because the owner is root user, so I want the user A... (0 Replies)
Discussion started by: crest.boy
0 Replies

9. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

10. Red Hat

Restrict sudo -i

Hi, I wanted add a group to the sudoers file so they can run sudo commands and blocked su command but it seems they can just run sudo -i to switch to root which defeats my purpose. Is it possible to block sudo -i with the help of sudoers file or any other way. Please advise. The below... (1 Reply)
Discussion started by: Jartan
1 Replies

LEARN ABOUT DEBIAN

ubuntu-dev-tools

ubuntu-dev-tools(5)						File Formats Manual					       ubuntu-dev-tools(5)

NAME

       ubuntu-dev-tools - Configuration for the ubuntu-dev-tools package.

DESCRIPTION

       The  ubuntu-dev-tools  package  is  similar in scope to the devscripts(1) package, providing a collection of scripts which may be of use to
       Ubuntu and Debian developers or others wishing to build Debian packages.

       Some of these scripts have options which may be configured  on  a  system-wide  and  per-user  basis.   These  options  are  configured	in
       devscripts.conf(5).

       All variables are described in the script's manpages. Package-wide variables begin with "UBUNTUTOOLS" and are listed below.

       Every script which reads the configuration files can be forced to ignore them by using the --no-conf command-line option.

ENVIRONMENT

       All ubuntu-dev-tools configuration variables can be set (and overridden) by setting them in the environment (unlike devscripts).

       In addition, several scripts use the following environment variables:

       UBUMAIL
	      Overrides  DEBEMAIL  and	DEBFULLNAME  when  the	target	is  clearly  Ubuntu.   Can  either  contain an e-mail address or Full Name
	      <email@example.org>.

       DEBEMAIL, DEBFULLNAME
	      As in devscripts(1).

PACKAGE-WIDE VARIABLES
       The currently recognised package-wide variables are:

       UBUNTUTOOLS_BUILDER
	      This specifies the preferred test-builder, one of pbuilder (default), sbuild, pbuilder-dist.

       UBUNTUTOOLS_DEBIAN_MIRROR
	      The preferred Debian archive mirror.  Should be of the form http://ftp.debian.org/debian (no trailing slash).  If not specified, the
	      master will be used.

       UBUNTUTOOLS_DEBSEC_MIRROR
	      The  preferred Debian security archive mirror.  Should be of the form http://security.debian.org (no trailing slash).  If not speci-
	      fied, the master will be used.

       UBUNTUTOOLS_UBUNTU_MIRROR
	      The preferred Ubuntu archive mirror.  Should be of the form http://archive.ubuntu.com/ubuntu (no trailing slash).  If not specified,
	      the master will be used.

       UBUNTUTOOLS_UBUNTU_PORTS_MIRROR
	      The preferred Ubuntu archive mirror.  Should be of the form http://ports.ubuntu.com (no trailing slash).	If not specified, the mas-
	      ter will be used.

       UBUNTUTOOLS_LPINSTANCE
	      The launchpad instance to communicate with. e.g. production (default) or staging.

       UBUNTUTOOLS_MIRROR_FALLBACK
	      Whether or not to fall-back to the master archive mirror.  This is usually the desired behaviour, as mirrors can	lag  the  masters.
	      If on a private network with only a local mirror, you may want to set this to no.  One of yes (default) or no.

       UBUNTUTOOLS_UPDATE_BUILDER
	      Whether or not to update the test-builder before each test build.  One of yes or no (default).

       UBUNTUTOOLS_WORKDIR
	      The directory to use for preparing source packages etc.  When unset, defaults to a directory in /tmp/ named after the script.

SEE ALSO

       devscripts(1), devscripts.conf(5)

AUTHORS

       This manpage was written by Stefano Rivera <stefanor@ubuntu.com>.

ubuntu-dev-tools						 December 19 2010					       ubuntu-dev-tools(5)
All times are GMT -4. The time now is 11:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy