11-03-2015
Sudoers file
In the sudoers file in Solaris...
I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but only in some of the directions, not all of them. Is this even possible in Solaris?
10 More Discussions You Might Find Interesting
1. Linux
Hi,
I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password.
Can someone tell me what's wrong with my file?
It's not working when I 'sudo SHUTDOWN' command:
sudo: SHUTDOWN: command not found
Thanks a lot!
# Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies
2. UNIX for Advanced & Expert Users
Does anyone know of a utility that can parse through a sudoers file and create an "expansion" dump of all users defined in the User Specification, outputting user, host, and command based on all defined Aliases? (3 Replies)
Discussion started by: jasondavey
3 Replies
3. UNIX for Advanced & Expert Users
i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password.
my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp.
Thank you.
... (2 Replies)
Discussion started by: noam128
2 Replies
4. Solaris
All,
I have sudo setup installed on my Soalris 10 box. Everything working fine as expected. I would like to setup granular level access for one of the user
I use Rational Clearcase application which has its own command prompt /usr/atria/bin/cleartool
Once i invloked i can run its... (4 Replies)
Discussion started by: baluchen
4 Replies
5. Cybersecurity
Hi all,
I'm trying to setup my sudoer file at work to have the right security, but I'm not able to refine to the level I want.
Here's what I would like to have:
=> OS Users
- John (group staff)
- Bob (group staff)
- app20adm (group app20grp)
- app70adm (group app70grp)
- sys20adm... (0 Replies)
Discussion started by: victorbrca
0 Replies
6. Shell Programming and Scripting
Hello,
Recently our team noticed access to groups had not been revoked per sudo file.
We currently have around 160 AIX LPARS.
I am hoping someone can help me write a script that would copy all sudoers file at each machine and dump into 1 large file for me to review.
I have public... (1 Reply)
Discussion started by: audis$
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I was asked to create sudoers file for operation team so they can sudo as another user and run few commands.
I have updated /etc/sudoers file.
User_Alias LEVEL1 = JamesF, dennisW, juanC, steveS,
Cmnd_Alias SU_PROD=/bin/su prod, /bin/su - prod
Cmnd_Alias SU_NYOP=/bin/su... (2 Replies)
Discussion started by: samnyc
2 Replies
8. Emergency UNIX and Linux Support
Hi,
I need the details of which ids belong to the sudoers file, and which groups these ids belong to.
Can anyone suggest a way to derive that information into a flat file please?
G (4 Replies)
Discussion started by: ggayathri
4 Replies
9. UNIX for Dummies Questions & Answers
Hi
using Solaris 10. trying to update /etc/sudoers file
I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message
sudo su -
>>> sudoers file: parse error, line 9 <<<
>>> sudoers file: parse error, line 9 <<<
... (2 Replies)
Discussion started by: samnyc
2 Replies
10. UNIX for Beginners Questions & Answers
Hi,
I have several employees of whom we have created Linux user ids as below.
fred
mohtashim
jhon
matt
croft
....
$ id
uid=1018(jhon) gid=1003(techx) groups=1003(techx) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Note: All my employee users belong to techx... (3 Replies)
Discussion started by: mohtashims
3 Replies
LEARN ABOUT OPENSOLARIS
ndmp
ndmp(4) File Formats ndmp(4)
NAME
ndmp - configuration properties for Solaris Network Data Management Protocol (NDMP) server
DESCRIPTION
The behavior of the Solaris NDMP server is specified by property values that are stored in the Service Management Facility, smf(5).
An authorized user can use the ndmpadm(1M) command to set global values for these properties in SMF.
You can set the following properties by using the ndmpadm set command:
backup-quarantine Backup the files marked as quarantined by AV. Acceptable values are yes or no. The default is no.
dar-support Set the Direct Access Recovery mode. Acceptable values are yes or no. The default is no.
debug-level Set the debug level. The debug-level can be set to either 0 (off) or 1 (on). The default is 0.
debug-path The path to which to save the debug log. The default is /var/ndmp.
dump-pathnode Enable or disable backing up the directories containing modified files or directories in dump(1) backup format.
Acceptable values are yes or no. The default is no.
ignore-ctime Determines whether the change timestamp (ctime) of files and directories is used to determine whether a file should
be backed up in level backup. If this parameter is set to yes, only the modification time (mtime) of the file or
directory determines whether it should be backed up. Acceptable values are yes or no. The default value is no.
overwrite-quarantine Restore quarantined files on top of current files if they already exist. Acceptable values are yes or no. The
default value is no.
restore-quarantine Restore the files that had been marked as quarantined by AV and are backed up. Acceptable values are yes or no. The
default value is no.
tar-pathnode Enable or disable backing up the directories containing modified files or directories in tar(1) backup format.
Acceptable values are yes or no. The default value is no.
token-maxseq Set the maximum sequence number for subsequent token-based incremental backup in NDMP-V4. The default value is 9.
There are two limits for this value: soft-limit, which is 59, and hard-limit, equal to 64. If the token sequence
number, passed by the DMA, is between the soft and hard limits, a warning message is issued to the DMA. The token
sequence number can never exceed the hard-limit value.
version Set the maximum active NDMP protocol version. Valid values are currently 2, 3, and 4. The default is 4.
The following property can only be set when using the ndmpadm enable or ndmpadm disable command:
auth-type Sets the password encryption type for the authentication of local users. Valid values are cram-md5 or cleartext.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWndmpu, SUNWndmpr |
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
SEE ALSO
dump(1), tar(1), ndmpadm(1M), ndmpd(1M), attributes(5), smf(5)
SunOS 5.11 3 Mar 2009 ndmp(4)