[ale] sudo frustrations, help please
Jim Kinney
jim.kinney at gmail.com
Tue Aug 25 11:27:41 EDT 2015
Create a Linux group teamsysuser and add users to that group. In
sudoers file
@teamsysusers ALL(ALL) NOPASSWD:ALL
Or shortcut all of this and add them to the WHEEL group (on RHEL-like
systems) and uncomment the WHEEL line in sudoers file.
On Tue, 2015-08-25 at 11:18 -0400, Narahari 'n' Savitha wrote:
> Here is the scenario I am trying to solve.
>
> teamsysuer => system account without a shell but has the following
> entry in sudoers file
>
> teamssysuser ALL(ALL) NOPASSWD:ALL
>
> ========================
>
> narahari => regular user
> robert => regular user
>
> ========================
>
> We want to be able to allow
> narahari and robert run commands as themselves and teamsysuser only.
>
> I have done some playing around sudoers file
>
> User_Alias ALL_MY_USERS = narahari robert
> Runas_Alias TEAM_SYS_USER = teamssysuser
>
> ......
> .......
> ....
> ......
> ......
>
> teamssysuser ALL=(ALL) NOPASSWD: ALL
>
> ALL_MY_USERS ALL = (TEAM_SYS_USER) NOPASSWD:ALL
>
> =================================
>
> I am not sure if this is the right approach or conceptually am I
> wrong ?
>
> -N
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
--
James P. Kinney III
Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
http://heretothereideas.blogspot.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20150825/dafbefa3/attachment.html>
More information about the Ale
mailing list