/gist:7cdf09f77e27bec9d6ab
Secret
Created Aug 11, 2012
| ## sudoers file. | |
| ## | |
| ## This file MUST be edited with the 'visudo' command as root. | |
| ## Failure to use 'visudo' may result in syntax or file permission errors | |
| ## that prevent sudo from running. | |
| ## | |
| ## See the sudoers man page for the details on how to write a sudoers file. | |
| ## | |
| ## | |
| ## Host alias specification | |
| ## | |
| ## Groups of machines. These may include host names (optionally with wildcards), | |
| ## IP addresses, network numbers or netgroups. | |
| # Host_Alias WEBSERVERS = www1, www2, www3 | |
| ## | |
| ## User alias specification | |
| ## | |
| ## Groups of users. These may consist of user names, uids, Unix groups, | |
| ## or netgroups. | |
| # User_Alias ADMINS = millert, dowdy, mikef | |
| ## | |
| ## Cmnd alias specification | |
| ## | |
| ## Groups of commands. Often used to group related commands together. | |
| # Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \ | |
| # /usr/bin/pkill, /usr/bin/top | |
| ## | |
| ## Defaults specification | |
| ## | |
| ## You may wish to keep some of the following environment variables | |
| ## when running commands via sudo. | |
| ## | |
| ## Locale settings | |
| # Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" | |
| ## | |
| ## Run X applications through sudo; HOME is used to find the | |
| ## .Xauthority file. Note that other programs use HOME to find | |
| ## configuration files and this may lead to privilege escalation! | |
| # Defaults env_keep += "HOME" | |
| ## | |
| ## X11 resource path settings | |
| # Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" | |
| ## | |
| ## Desktop path settings | |
| # Defaults env_keep += "QTDIR KDEDIR" | |
| ## | |
| ## Allow sudo-run commands to inherit the callers' ConsoleKit session | |
| # Defaults env_keep += "XDG_SESSION_COOKIE" | |
| ## | |
| ## Uncomment to enable special input methods. Care should be taken as | |
| ## this may allow users to subvert the command being run via sudo. | |
| # Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" | |
| ## | |
| ## Uncomment to enable logging of a command's output, except for | |
| ## sudoreplay and reboot. Use sudoreplay to play back logged sessions. | |
| # Defaults log_output | |
| # Defaults!/usr/bin/sudoreplay !log_output | |
| # Defaults!/usr/local/bin/sudoreplay !log_output | |
| # Defaults!/sbin/reboot !log_output | |
| ## | |
| ## Runas alias specification | |
| ## | |
| ## | |
| ## User privilege specification | |
| ## | |
| root ALL=(ALL) ALL | |
| fanzeyi ALL=(ALL) ALL | |
| # jimmyxuwrk ALL=(ALL) ALL | |
| ## Uncomment to allow members of group wheel to execute any command | |
| # %wheel ALL=(ALL) ALL | |
| ## Same thing without a password | |
| # %wheel ALL=(ALL) NOPASSWD: ALL | |
| ## Uncomment to allow members of group sudo to execute any command | |
| %sudo ALL=(ALL) ALL | |
| ## Uncomment to allow any user to run sudo if they know the password | |
| ## of the user they are running the command as (root by default). | |
| # Defaults targetpw # Ask for the password of the target user | |
| # ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw' | |
| ## Read drop-in files from /etc/sudoers.d | |
| ## (the '#' here does not indicate a comment) | |
| # includedir /etc/sudoers.d |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment