This content originally appeared on DEV Community and was authored by feng wei
It may not be a good idea to grant full root-equivalent privilege to Unix-like OS users. Access should be granted based on actual needs.
You should not edit sudoers directly, by opening it in a text editor. Instead, edit it with visudo, which will verify its validity before saving the changes to disk.
/etc/sudoers
Host alias specification
User alias specification
Cmnd alias specification
User privilege specification
root ALL=(ALL:ALL) ALL
Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
Here, "root ALL=(ALL:ALL) ALL" states that the user root, logged in to any hostname, may run, as a user or group, any command. The general form of this directive is:
user hostname=(run-as-user:run-as-group) command
The special word ALL may be used for any of these values and means that any are allowed.
hope myhost=(mysqluser:mysqlusers) mysqldump
User hope, when logged in to host myhost, may run the command mysqldump as user mysqluser or a member of group mysqlusers. For example, this directive would allow user hope to run this command:
sudo -u mysqluser -g mysqlusers mysqldump
This content originally appeared on DEV Community and was authored by feng wei
feng wei | Sciencx (2024-08-15T02:49:09+00:00) visudo and /etc/sudoers. Retrieved from https://www.scien.cx/2024/08/15/visudo-and-etc-sudoers/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.