11-18-2015
Quote:
Originally Posted by
shekar777
All,
I need to disable "sudo -i" and "su - " for all servers in our environment, We want to make sure no one run commands or delete files across environment using switching to root account. can you guys please lets me know if this is achievable.
Thanks and Regards
shekar
Anyone that can do
su - needs to have the root password, therefore no setting can be done to disable it without having the ability to reverse it.
Anyone that can do
sudo -i needs to be allowed as a sudoer, which means you can remove it from
/etc/sudoers
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I'm trying to create a script to remove users from sudoers on multiple servers. I'm able to do this with a one-line script using sed, but only if it's on one server.
Example: sed '/someuser/d' /host/local/etc/sudoers
Also, I think the problem with this one-line script is that I would have to... (4 Replies)
Discussion started by: em23
4 Replies
2. Solaris
Hi,
on solaris 10, I have two users : user1 and user2
I want to create User_Alias and Cmnd_Alias to allow them to execute a command without prompting for sudo password.
command I want these users should be able to run is '/usr/bin/su - abcd' . Also user1 and 2 need not type the 'abcd'... (6 Replies)
Discussion started by: upengan78
6 Replies
3. Solaris
Hello gurus,
Is there a flag or switch that you can added to sudoers file to always have users type 'sudo' prior to running a command? (5 Replies)
Discussion started by: em23
5 Replies
4. Shell Programming and Scripting
Hi all,
I have to create SSH public key for multiple users.
Iam creating a script in which, through root, I have to switch to multiple accounts to create SSH keys and then transfer it to the respective servers.
First I tried with single user id and everything worked fine.
When I try to sudo... (1 Reply)
Discussion started by: deepakwins
1 Replies
5. Shell Programming and Scripting
Well, sudo is a great tool for delegating permissions among admins. But, it's really hard to find a great tool which would give an interactive way of editing /etc/sudoers file. Now, when I say "editing", I really refer to add new groups, users, aliases in the /etc/sudoers file. visudo is great... (2 Replies)
Discussion started by: admin_xor
2 Replies
6. HP-UX
Dear folks.
Considering PCIDSS standards, i have requirment to use sudo(ers) to log everything a certain user executes with root privileges.
Now, for an admin it's just a pain in the ass to prefix every command with sudo.
Only way i can think of is making .aliases and with some awk magic... (6 Replies)
Discussion started by: Peasant
6 Replies
7. Linux
Hi Unix.com people! :)
My question, I think, it's easy to understand.
I want to configure my sudoers file (/etc/sudoers) in order
to hide automatically, some repetitive and annoying commands
to be listed on auth.log (/var/log/auth.log).
Anyone know something, or know where I can... (0 Replies)
Discussion started by: fefafefa
0 Replies
8. Solaris
Hi all,
how can I disable direct login to a Solaris system not only for root user but also for other accounts?
Looking in google I came to the following:
For telnet (/etc/default/login):
disable root access> CONSOLE=/dev/console
disable generic user> ?
For ssh... (5 Replies)
Discussion started by: Evan
5 Replies
9. Solaris
HI Gurus
can I temporary disable users to connect to Solaris, need help
Regards (3 Replies)
Discussion started by: smazshah
3 Replies
10. Solaris
I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies