Sudo for dummies?

John Seth johnseth at phoenixwing.com
Tue Jun 7 22:34:51 EDT 2005 

If you only want a few commands to be run as root using sudo, and only 
from a specific machine, try this specifying those commands... ie:

username machinename = (root) /usr/sbin/apachectl, /path/to/command

This way you see what's specifying what... The username you want to 
allow running priviliged commands comes first, followed by the name of 
the machine... if you run your own domain/hosting it may be something 
like "machinename.domain.com".  Then follow it with an = sign and root 
in paren's (tells sudo which user to run as).  Lastly, follow up with a 
comma separated list of commands that you want the user to be allowed to 
run as root.

Depending on your preferred level of security, you can do as Dustin 
mentioned which will allow anyone to log into your computer from any 
host and run any command as root, or narrow it down to your liking.

I hope that helps to clarify the seemingly complex sudoers file :) And 
be sure to edit/update the sudoers file using the 'visudo' command.  It 
works just like vim/vi (to exit w/o saving use ":q!" and to exit and 
save, use ":wq").

  -- Tony Evans




Dustin Reiner wrote:
> run visudo as root, and add the following below the line that reads
> 
> root ALL=(ALL) ALL
> 
> <username> ALL=(ALL) ALL
> 
> where <username> is the user you want to have sudo access.  This
> basically says allow <username> to run all commands from all machines
> as all users (or in other words, do anything).  Then to run any
> command, just use sudo before it.  I.E.
> sudo service httpd start 
> 
> This gives your user the capability to do anything as root without
> actually logging in as root.
> 
> -Dustin 
> 
> On 6/7/05, Joe <josephj at main.nc.us> wrote:
> 
>>Hi.  I have a few priviledged commands I would like to be able to run as
>>a user without using su.
>>For the most part, I could put them all (or symlinks to them) in one
>>protected directory.
>>
>>I just read the man pages for sudo, sudoers, visudo and got overwhelmed
>>by all the options.
>>
>>My machine is basically single user (me and root) and is relatively
>>physically secure.  I'm still running Mandrake 9.1.
>>
>>Can someone show me how to set sudo up  in a minimal fashion?
>>It looks like it's not that complicated once you narrow it down to just
>>a few things to do.
>>
>>TIA
>>
>>Joe
>>
>>--
>>"If we treat people as they are, we make them worse. If we treat people as they ought to be, we help them become what they're capable of becoming." -- Goethe
>>
>>
>>
> 
> 
> 
>

More information about the nflug mailing list