Sudo for dummies?

Joe josephj at main.nc.us
Wed Jun 8 04:08:43 EDT 2005


Thanks to both of you for the good suggestions.  I would like to 
narrowit down a bit - just in case.

Joe

John Seth wrote:

> If you only want a few commands to be run as root using sudo, and only 
> from a specific machine, try this specifying those commands... ie:
>
> username machinename = (root) /usr/sbin/apachectl, /path/to/command
>
> This way you see what's specifying what... The username you want to 
> allow running priviliged commands comes first, followed by the name of 
> the machine... if you run your own domain/hosting it may be something 
> like "machinename.domain.com".  Then follow it with an = sign and root 
> in paren's (tells sudo which user to run as).  Lastly, follow up with 
> a comma separated list of commands that you want the user to be 
> allowed to run as root.
>
> Depending on your preferred level of security, you can do as Dustin 
> mentioned which will allow anyone to log into your computer from any 
> host and run any command as root, or narrow it down to your liking.
>
> I hope that helps to clarify the seemingly complex sudoers file :) And 
> be sure to edit/update the sudoers file using the 'visudo' command.  
> It works just like vim/vi (to exit w/o saving use ":q!" and to exit 
> and save, use ":wq").
>
>  -- Tony Evans
>
>
>
>
> Dustin Reiner wrote:
>
>> run visudo as root, and add the following below the line that reads
>>
>> root ALL=(ALL) ALL
>>
>> <username> ALL=(ALL) ALL
>>
>> where <username> is the user you want to have sudo access.  This
>> basically says allow <username> to run all commands from all machines
>> as all users (or in other words, do anything).  Then to run any
>> command, just use sudo before it.  I.E.
>> sudo service httpd start
>> This gives your user the capability to do anything as root without
>> actually logging in as root.
>>
>> -Dustin
>> On 6/7/05, Joe <josephj at main.nc.us> wrote:
>>
>>> Hi.  I have a few priviledged commands I would like to be able to 
>>> run as
>>> a user without using su.
>>> For the most part, I could put them all (or symlinks to them) in one
>>> protected directory.
>>>
>>> I just read the man pages for sudo, sudoers, visudo and got overwhelmed
>>> by all the options.
>>>
>>> My machine is basically single user (me and root) and is relatively
>>> physically secure.  I'm still running Mandrake 9.1.
>>>
>>> Can someone show me how to set sudo up  in a minimal fashion?
>>> It looks like it's not that complicated once you narrow it down to just
>>> a few things to do.
>>>
>>> TIA
>>>
>>> Joe
>>>
>>> -- 
>>> "If we treat people as they are, we make them worse. If we treat 
>>> people as they ought to be, we help them become what they're capable 
>>> of becoming." -- Goethe
>>>
>>>
>>>
>>
>>
>>
>>
>

-- 
"Each of us is put here in this time and this place to personally decide the future of humankind. Did you think you were put here for something less?" -- Chief Arvol Looking Horse




More information about the nflug mailing list