Re: How to write such sudoers?
On 3/18/07, Chris Lale <chrislale@untrammelled.co.uk> wrote:
Jeff Zhang wrote:
> On 3/18/07, *Andy Smith* <andy@lug.org.uk <mailto:andy@lug.org.uk>>
> wrote:
>
> On Sun, Mar 18, 2007 at 12:36:50PM +0800, Jeff Zhang wrote:
> > I want the user can execute commands through sudo with PASSWD and
> > NOPASSWD for some exceptional commands, like nmap. I write
> the entity
> > is lists bellow, but it seems not work.
> > test ALL = PASSWD: ALL, NOPASSWD: /usr/bin/nmap
>
> Try:
>
> test ALL = NOPASSWD: /usr/bin/nmap, PASSWD: ALL
>
>
> Thanks much for reply!
> It works with the former line after reboot, maybe duce to some errors
> of the kernel as I just replaced an new one with some patches. The
> latter line will ask password always.
If you find the Sudo man page rather complex, here is an alternative
approach to constructing a sudoers file based on tables:
http://newbiedoc.berlios.de/wiki/How_to_configure_Sudo_to_run_programs_as_a_different_user#The_structure_of_the_Sudoers_file
Wonderful site!
Maybe something more like `Defaults rootpw,timestamp_timeout=0,passwd_tries=1` will make it more valuable?
Reply to: