editing /etc/sudoers

Erik Christiansen dvalin at internode.on.net
Sat Nov 29 09:49:22 UTC 2008

On Fri, Nov 28, 2008 at 11:57:18PM -0700, Robert Holtzman wrote:
> Running 8.04. After adding another user I need to add her to the 
> /etc/sudoers file. The Ubuntu forum, 
> https://help.ubuntu.com/community/Sudoers talks about vi being the 
> default editor for visudo in 8.04. Does this provide the same safeguards 
> as visudo did?

AIUI, visudo and vipw merely block concurrent edits, and check syntax.
As the manpage indicates:

visudo locks the sudoers file against multiple simultaneous edits,
provides basic sanity checks, and checks for parse errors.

But it is usually vi[m] which is the editor used, if $VISUAL and $EDITOR
aren't defined:

There is a hard-coded list of editors that visudo will use set at
compile-time that may be overridden via the editor sudoers Default
variable.  This list defaults to the path to vi(1) on your system, as
determined by the configure script.

> If I read the docs right the entry to allow the new user to install 
> software would be "username ALL=(username) /usr/bin, /usr/sbin". Could 
> someone please confirm this or correct me? Assuming it's correct, is 
> that the only entry required? The docs I saw weren't that clear (or was 
> it me who was dense?).

If root privileges aren't needed for the commands in /usr/bin, /usr/sbin
to perform installation, that should be OK. Otherwise, to grant your
limited root privileges to username, I'd try:

username ALL=(ALL) /usr/bin, /usr/sbin

Maybe I missed something, though.


A computer without Microsoft is like chocolate cake without ketchup!

More information about the ubuntu-users mailing list