Thursday, September 11, 2008

sudo

aqui va el archivo sudoers, que sirve para un usuario común pueda realizar labores que requieren permisología especial, el famoso comando "sudo"

tomado de: http://www.go2linux.org/sudoers-how-to

Do not edit directly the file

To edit it, use the command

visudo

You will see a file more or less like this.

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults        env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL) ALL

As you can see there is basically one line

root ALL=(ALL) ALL

This lines means that the user root can execute from ALL terminals, acting as ALL (any) users, and run ALL (any) command.

So the first part is the user, the second is the terminal from where the user can use sudo, the third is as which user he may act, and the last one, is which commands he may run.

Let's see some other examples.

operator ALL= /sbin/poweroff

This makes that users operator can from any terminal, run the command poweroff.

You can also create aliases for: users -> User_Alias, run comands as other users -> Runas_Alias, host -> Host_Alias and command-> Cmnd_Alias

These are some examples:

User_Alias OPERATORS = joe, mike, jude
Runas_Alias OP = root, operator
Host_Alias OFNET = 10.1.2.0/255.255.255.0
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm

As you can see the alias OPERATORS includes the users joe, mike and jude, the alias OP includes the users root and operator, alias OFNET includes the network 10.1.2.0 (all the C class), and the command alias PRINTING includes the commands lpc and lprm.

So a typical sudoers file may look like this.

 User_Alias     OPERATORS = joe, mike, jude
Runas_Alias    OP = root, operator
Host_Alias     OFNET = 10.1.2.0/255.255.255.0
Cmnd_Alias     PRINTING = /usr/sbin/lpc, /usr/bin/lprm

OPERATORS ALL=ALL

#The users in the OPERATORS group can run any command from any terminal.

linus ALL=(OP) ALL

# The user linus can run any command from any terminal as any user in the OP group (root or operator).

user2 OFNET=(ALL) ALL

# user user2 may run any command from any machine in the OFNET network, as any user.

user3 ALL= PRINTING

# user user3 may run lpc and lprm from any machine.

go2linux ALL=(ALL) ALL

# user go2linux may run any command from any machine acting as any user. (like Ubuntu)

You may want to read sudoers man page

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

cancel script completely on ctrl-c

I found this question interesting: basically how to cancel completely a script and all child processes : You do this by creating a subro...