November 12, 2016

How to configure /etc/sudoers

❑ /etc/sudoers : It is the configuration file that configures authority about sudo command

❑ How to configure

❍ visudo -f /etc/sudoers (It can't be configured with vi)
❍ Press Ctrl+x then y to configure and exit

❑ Grammar of sudoers
❍ [Account name] [System allowed to access current system]=([Executing account]) [Available command]
❍ %[Group name] [System allowed to access current system]=([Executing account]) [Available command]

❑ Example of sudoers grammar
❍ %admin 192.168.1.0/255.255.255.0=(apache, myadmin) /usr/bin/sort, /usr/bin/zip → Account in the admin group, when connecting from the 192.168.1.0/255.255.255.0, with authority of apache and myadmin, can use the commands that is /usr/bin/sort and /usr/bin/zip
❍ abc ALL=(ALL) ALL → abc account can all commands with all authority from all system


※ In the case of latest OS such as CentOS7/RHEL7/OL7, wheel group users can use sudo commands by root permission. This is recorded in the sudoers file.

Test environment
O    S Ubuntu 15.10 (64bit) CPU Intel i7-4710MQ 2.50GHz
SHELL GNU bash (4.3.42) GPU Gallium 0.4 on SVGA3D
RAM 984MiB