editing /etc/sudoers
Erik Christiansen
dvalin at internode.on.net
Sat Nov 29 09:49:22 UTC 2008
On Fri, Nov 28, 2008 at 11:57:18PM -0700, Robert Holtzman wrote:
> Running 8.04. After adding another user I need to add her to the
> /etc/sudoers file. The Ubuntu forum,
> https://help.ubuntu.com/community/Sudoers talks about vi being the
> default editor for visudo in 8.04. Does this provide the same safeguards
> as visudo did?
AIUI, visudo and vipw merely block concurrent edits, and check syntax.
As the manpage indicates:
>>>
visudo locks the sudoers file against multiple simultaneous edits,
provides basic sanity checks, and checks for parse errors.
<<<
But it is usually vi[m] which is the editor used, if $VISUAL and $EDITOR
aren't defined:
>>>
There is a hard-coded list of editors that visudo will use set at
compile-time that may be overridden via the editor sudoers Default
variable. This list defaults to the path to vi(1) on your system, as
determined by the configure script.
<<<
> If I read the docs right the entry to allow the new user to install
> software would be "username ALL=(username) /usr/bin, /usr/sbin". Could
> someone please confirm this or correct me? Assuming it's correct, is
> that the only entry required? The docs I saw weren't that clear (or was
> it me who was dense?).
If root privileges aren't needed for the commands in /usr/bin, /usr/sbin
to perform installation, that should be OK. Otherwise, to grant your
limited root privileges to username, I'd try:
username ALL=(ALL) /usr/bin, /usr/sbin
Maybe I missed something, though.
Erik
--
A computer without Microsoft is like chocolate cake without ketchup!
More information about the ubuntu-users
mailing list