Skip to content

Instantly share code, notes, and snippets.

@sadams

sadams/sudoers-notes.md

Last active August 29, 2015 14:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sadams/e3bfcdbc2285f88c82a8 to your computer and use it in GitHub Desktop.
Save sadams/e3bfcdbc2285f88c82a8 to your computer and use it in GitHub Desktop.
Download ZIP
notes on *nix sudoers file
Raw
sudoers-notes.md

notes on sudoers

to view/edit:

/etc/sudoers

or

visudo

but really you should use:

 /etc/sudoers.d/something

to give all access without password:

username ALL=(ALL) NOPASSWD:ALL

to give access to certain commands, without password:

username ALL=(ALL) NOPASSWD:/usr/sbin/service myservice start

to give access to certain commands, with wildcard:

username ALL=(ALL) NOPASSWD:/usr/sbin/service myservice *

some gotchas/caveats/generally wierd shit

The following is not a comment (!):

#includedir /etc/sudoers.d

"It is possible to include other sudoers files from within the sudoers file currently being parsed using the #include and #includedir directives."

Included sudoers files ...

MUST have a newline at the end of file

Syntax errors ...

Will mean you can't sudo to fix the problem, so:

  1. always include a new line in /etc/sudoers.d/...
  2. before editing, open another terminal and leave it open as root user
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment