Re: Limited sudo access
On Wed, Dec 21, 2005 at 07:42:44PM -0500, T wrote:
> But it doesn't work. I must have syntax errors. Can you help please?
Does visudo not give errors?
This is what I use and have working:
---
# User alias specification
User_Alias FULLTIMERS = steve
# Cmnd alias specification
Cmnd_Alias APACHE = /etc/init.d/apache2
Cmnd_Alias APT = /usr/bin/apt-get, /usr/bin/dpkg, /usr/sbin/dpkg-changes
Cmnd_Alias MAKE = /usr/bin/make
Cmnd_Alias MEMCACHE = /etc/init.d/memcached
Cmnd_Alias SHELL = /bin/sh, /bin/bash
# User privilege specification
root ALL=(ALL) ALL
# full time sysadmins can run some commands without a password:
FULLTIMERS ALL = NOPASSWD: APT,MAKE,FIREWALL,APACHE,MEMCACHE
# And can get a shell with their password
FULLTIMERS ALL = SHELL
---
Steve
--
Debian GNU/Linux System Administration
http://www.debian-administration.org/
Reply to: