{"id":358,"date":"2012-06-19T16:21:34","date_gmt":"2012-06-19T08:21:34","guid":{"rendered":"http:\/\/rmohan.com\/?p=358"},"modified":"2012-06-19T16:21:34","modified_gmt":"2012-06-19T08:21:34","slug":"sudo-on-linux","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=358","title":{"rendered":"SUDO on Linux"},"content":{"rendered":"

SUDO on Linux <\/p>\n

cat \/etc\/passwd<\/p>\n

test:x:500:500:test:\/home\/test:\/bin\/bash<\/p>\n

[root@localhost ~]# cp \/etc\/sudoers
\n[root@localhost ~]# cp \/etc\/sudoers \/etc\/sudoers.org<\/p>\n

1) Full Permission to User
\n# User privilege specification
\ntest ALL=(ALL) ALL<\/p>\n

Let restart apache with out sudo <\/p>\n

[test@localhost ~]$ \/etc\/init.d\/httpd restart
\nrm: cannot remove `\/var\/run\/httpd\/httpd.pid’: Permission denied <\/p>\n

test@localhost ~]$ sudo \/etc\/init.d\/httpd restart
\n[sudo] password for test:
\nStopping httpd: [ OK ]<\/p>\n

sudo vi \/etc\/httpd\/conf\/httpd.conf<\/p>\n

2) Limited Permission to User
\n Let restrict to apache stop,start restart <\/p>\n

test ALL=(ALL) \/etc\/init.d\/httpd <\/p>\n

3)Full permission to a user with No password <\/p>\n

test ALL=(ALL) NOPASSWD:ALL<\/p>\n

[test@localhost ~]$ sudo \/etc\/init.d\/vsftpd restart
\nShutting down vsftpd: [FAILED]
\nStarting vsftpd for vsftpd: [ OK ]<\/p>\n

4) All Permission to Group
\n# Members of the admin group may gain root privileges
\n%admin ALL=(ALL) ALL<\/p>\n

5) Limited Permission to Group
\n# Members of the admin group may gain root privileges
\n%admin ALL=(ALL) \/etc\/init.d\/ssh<\/p>\n

6) All Permission to Group with No Password
\n# Members of the admin group may gain root privileges
\n%admin ALL=(ALL) NOPASSWD:ALL<\/p>\n

7)Give Limited Permission to Group with No Password
\n# Members of the admin group may gain root privileges
\n%admin ALL=(ALL) NOPASSWD:\/etc\/init.d\/ssh<\/p>\n","protected":false},"excerpt":{"rendered":"

SUDO on Linux <\/p>\n

cat \/etc\/passwd<\/p>\n

test:x:500:500:test:\/home\/test:\/bin\/bash<\/p>\n

[root@localhost ~]# cp \/etc\/sudoers [root@localhost ~]# cp \/etc\/sudoers \/etc\/sudoers.org<\/p>\n

1) Full Permission to User # User privilege specification test ALL=(ALL) ALL<\/p>\n

Let restart apache with out sudo <\/p>\n

[test@localhost ~]$ \/etc\/init.d\/httpd restart rm: cannot remove `\/var\/run\/httpd\/httpd.pid’: Permission denied <\/p>\n

test@localhost ~]$ sudo \/etc\/init.d\/httpd restart [sudo] password for test: […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/358"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=358"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/358\/revisions"}],"predecessor-version":[{"id":359,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/358\/revisions\/359"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}