The sudoers file format is:
"user list" "host list" = "operator list" "tag list" "command list"
"tag list" is the NOPASSWD / PASSWD option, and it's optional.
where each list can be made of actual values or aliases (User_Alias Runas_Alias Host_Alias Cmnd_Alias)
A simple example here: how to give all root privileges to user vagrant:
Login as root
visudo
append this:
vagrant ALL=(ALL) ALLexit visudo with :wq
sudo su - vagrant
cat /etc/sudoers
cat: /etc/sudoers: Permission denied (of course, vagrant user cannot see the /etc/sudoers file which is only read for root)
sudo cat /etc/sudoers
this one works, because it's being executed as the root user !
Hint: you can also use visudo -f /etc/sudoers.d/filename
No comments:
Post a Comment