|
Configuring Your Sudoers File |
By
Bryan Young |
|
|
If you are managing a Unix network, you know that there are things that must be done on a regular basis that require root authentication or user privilege elevation. There are three general options available to you. First, you can be constantly on call from your users, authenticating their commands yourself. This is a good way to lose weight as you will be running around constantly, but not a great way to run a network. Second, you can give out the root password. Ha, ha, ha, I know silly right?
The third and smartest option is to set up your /etc/sudoers file to allow selective permissions elevations.
First and foremost, you should not edit the /etc/sudoers file directly. There is a useful command built into the sudo system, visudo, which when run as root will allow you to edit the file safely. Once open, you can begin customizing the permissions for various users and groups. Aliases can be set up to make it easier to manage. There are four kinds of aliases: User_Alias, Runas_Alias, Host_Alias, and Cmnd_Alias. These are just variables or placeholders. For instance, you can set certain users under one name by saying
Continue
Reading |
|
|
|
|