Visit Our UNIX and Linux User Community


Sudoers - Revoke default policy


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users Sudoers - Revoke default policy
# 1  
Old 03-24-2015
Sudoers - Revoke default policy

I would like to keep my /etc/sudoers file as distributed and only use a /etc/sudoers.d drop-in file instead.

Everything is working fine except for permissions given to the wheel group in the distribution sudoers file:

Code:
## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL


I don't want people in group wheel to be able to run commands. Now I know I can comment the above line and revoke this permission, however I want to keep the sudoers file as-distributed; so my goal it to revoke these permissions in my drop-in file. I have tried the following without success:

Code:
%wheel
%wheel  ALL=(ALL) !/*

The manual has little info on revoking permissions and I'm running out of ideas.
# 2  
Old 03-25-2015
If you have the fast-glob option enabled, it is not possible to reliably negate commands where the pathname includes wildcards - as in your example.

Previous Thread | Next Thread
Test Your Knowledge in Computers #941
Difficulty: Medium
A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise malicious ping to a computer.
True or False?

6 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

User banned, requesting to revoke the ban.

My username is abhilashnair. I was banned recently for deleting my post. I wish to apologise for disregarding forum rules. I request you to revoke my ban and give me one more chance if possible, i assure you that I will abide by all rules henceforth Since this is really informative forum and rich... (3 Replies)
Discussion started by: Unregistered
3 Replies

2. Solaris

Sudoers

Having a bit of a discussion with a software vendor about this. Can anyone confirm my understanding? /etc/sudoers file example:- user1 server1 = NOPASSWD:/usr/bin/ls -l user1 server1 = NOPASSWD:/usr/bin/file But then the following command fails (logged in on server 1 as user1) because... (2 Replies)
Discussion started by: psychocandy
2 Replies

3. Solaris

sudoers

this is for the first time i am going to use sudoers i want know how to create sudoers and giving privileges for that users thanks in advance dinu (6 Replies)
Discussion started by: dinu
6 Replies

4. UNIX for Dummies Questions & Answers

sudoers

i just installed/configured apache2.0 on my own aix5.3 mini server. i can start/stop apache by root, but i want to start it under my login id(admin) instead. i need to execute this command: /usr/bin/sudo /usr/IBM/HTTPServer/bin/apachectl stop/start. (5 Replies)
Discussion started by: tjmannonline
5 Replies

5. UNIX for Dummies Questions & Answers

sudoers on HP 11.11

Having a "running low on coffee" moment here & need help. On HP 11.11 where is the sudoers file located; I looked every place I could think of and don't see it. Thanks in advance:confused: (2 Replies)
Discussion started by: dhlopomo
2 Replies

6. UNIX for Dummies Questions & Answers

Revoke Kernel Access..

Hi, I need to know how to revoke the access/permission of Kernel for a group. In details, one of the group 'X' is having kernel access/permission and this group can control the Kernel at anytime. How can we revoke this permission/access ? Thanks, Rohit.. (13 Replies)
Discussion started by: ronix007
13 Replies

Featured Tech Videos