Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Script to delete sudo access in redhat 5.4
Top Forums Shell Programming and Scripting Script to delete sudo access in redhat 5.4 Post 302891946 by ahamed101 on Monday 10th of March 2014 02:04:20 AM
Old 03-10-2014
To get you started.

Code:
#!/bin/bash

server_list=(10.0.0.25)
regex="user1\|user2\|user3"

for((i=0; i< ${#server_list[@]}; i++))
do
    ssh root@${server_list[$i]} "sed  -i.bak \"/$regex/d\" /etc/sudoers"
done

Note : -i is included which will edit the file inline, which also creates a backup file. Once you confirm this works locally, then you can go ahead with full fledged.

HTH
 

10 More Discussions You Might Find Interesting

1. Solaris

secure access using sudo

I just need to know what should be done on a login user so that no one can access it except through sudo i.e. telnet server login: user NO ACCESS telnet server login: mylogin sudo - user <any command> ACCESS GRANTED thanks (0 Replies)
Discussion started by: melanie_pfefer
0 Replies

2. Linux

sudo access verification

Hi All, I got lots of request with sudo, a manager request, verbal command, do this and do that. The problem with this kind of request is when I added that script and that. It will not be perfect, it's because I can't verify the userid sudo access, I can't reset their password as well, I... (2 Replies)
Discussion started by: itik
2 Replies

3. Shell Programming and Scripting

ONLY SU Sudo access

Hello All, I want to create a script that will do ONLY su to any user on the server with hpadmin login using sudo. Can anyone let me know how can it do it. Regards Ankit (1 Reply)
Discussion started by: ajaincv
1 Replies

4. UNIX for Dummies Questions & Answers

sudo/root access

I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'. I tried and got a error message like "not allowed". After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well. Can please somebody explain me this... (0 Replies)
Discussion started by: daWonderer
0 Replies

5. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

6. UNIX for Advanced & Expert Users

Help needed in sudo access

I want to give root access to a user called denielr on server - tsprd01, but do not want to share root password. I have sudoers configured already. He should have all access equal to root. I made this entry in /etc/sudoers, but it is not working denielr tsprd01 =(root) NOPASSWD: ALL I tried to... (2 Replies)
Discussion started by: solaris_1977
2 Replies

7. Red Hat

Sudo access issue

Hi, I have given access to user mwadmin in shudders file as : mwadmin ALL:NOPASSWD:/www/* /usr/* /opt/* However, not able to execute below command: sudo mkdir -p /usr/test password for mwadmin: Sorry, user mwadmin is not allowed to execute '/bin/mkdir -p /usr/test' as root. ... (4 Replies)
Discussion started by: saurau
4 Replies

8. UNIX for Dummies Questions & Answers

Inheriting SUDO access?

I had a question on users inheriting SUDO capabilities of another account. Let's say that there are three users A, B, and C. A has access to Sudo into B. B has access to Sudo into C. Does this give A access to sudo into B and then sudo into C. A -> B B -> C A -> B -> C ? Another example. My... (2 Replies)
Discussion started by: sbcopty
2 Replies

9. Shell Programming and Scripting

Using plink with sudo access

I have similar issue as mentioned in 167174-how-run-script-using-batch-file.html It works good, but the control is not coming back to source i tried adding exit to remote script. Thanks, Suresh (0 Replies)
Discussion started by: snsuresh
0 Replies

10. Shell Programming and Scripting

Script help on sudo access validation

hello I need help on this. The input is this. server system account name DBA account name x a p y b q z c r so i would like to check the sudo of the user is done or not. this is what i do to check it 1. login as root on server x 2.... (2 Replies)
Discussion started by: Kiran008
2 Replies

LEARN ABOUT CENTOS

sssd-simple

SSSD-SIMPLE(5)						   File Formats and Conventions 					    SSSD-SIMPLE(5)

NAME

       sssd-simple - the configuration file for SSSD's 'simple' access-control provider

DESCRIPTION

       This manual page describes the configuration of the simple access-control provider for sssd(8). For a detailed syntax reference, refer to
       the "FILE FORMAT" section of the sssd.conf(5) manual page.

       The simple access provider grants or denies access based on an access or deny list of user or group names. The following rules apply:

       o   If all lists are empty, access is granted

       o   If any list is provided, the order of evaluation is allow,deny. This means that any matching deny rule will supersede any matched allow
	   rule.

       o   If either or both "allow" lists are provided, all users are denied unless they appear in the list.

       o   If only "deny" lists are provided, all users are granted access unless they appear in the list.

CONFIGURATION OPTIONS

       Refer to the section "DOMAIN SECTIONS" of the sssd.conf(5) manual page for details on the configuration of an SSSD domain.

       simple_allow_users (string)
	   Comma separated list of users who are allowed to log in.

       simple_deny_users (string)
	   Comma separated list of users who are explicitly denied access.

       simple_allow_groups (string)
	   Comma separated list of groups that are allowed to log in. This applies only to groups within this SSSD domain. Local groups are not
	   evaluated.

       simple_deny_groups (string)
	   Comma separated list of groups that are explicitly denied access. This applies only to groups within this SSSD domain. Local groups are
	   not evaluated.

       Specifying no values for any of the lists is equivalent to skipping it entirely. Beware of this while generating parameters for the simple
       provider using automated scripts.

       Please note that it is an configuration error if both, simple_allow_users and simple_deny_users, are defined.

EXAMPLE

       The following example assumes that SSSD is correctly configured and example.com is one of the domains in the [sssd] section. This examples
       shows only the simple access provider-specific options.

	       [domain/example.com]
	       access_provider = simple
	       simple_allow_users = user1, user2

SEE ALSO

       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8),
       sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8),
       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8).

AUTHORS

       The SSSD upstream - http://fedorahosted.org/sssd

SSSD
								    06/17/2014							    SSSD-SIMPLE(5)
All times are GMT -4. The time now is 08:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy