If you did not use visudo to edit your files and then accidentally messed up /etc/sudoers or messed up a file in /etc/sudoers.d then you will be locked out of sudo. This also automatically ensures that the owner and permissions of the new file is set correctly. Note: Again, you should use the command visudo to edit the file to make sure you do not lock yourself out of the system: sudo visudo -f /etc/sudoers.d/shutdown This is an elegant way of separating different changes to the sudo rights and also leaves the original sudoers file untouched for easier upgrades. Using /etc/sudoers.d instead of modifying /etc/sudoersĪs an alternative to editing the /etc/sudoers file, you could add the two lines to a new file in /etc/sudoers.d e.g. visudo will save your modified file to a temporary location and will only overwrite the real sudoers file if the modified file can be parsed without errors. Note: Always use the command visudo to edit the sudoers file to make sure you do not lock yourself out of the system – just in case you accidentally write something incorrect to the sudoers file. In the following example, the user user can run any command in the directory /home/someuser/bin/: user host = (root) NOPASSWD: /home/someuser/bin/ If the command ends with a trailing / character and points to a directory, the user will be able to run any command in that directory (but not in any sub-directories therein). Providing a relative path is considered a syntax error. using the absolute path to the command to run) as described in the sudoers man page. The commands specified in the sudoers file must be fully qualified (i.e. All other sudoed commands will still require a password. This will allow the user user to run the desired commands on host without entering a password. User host = (root) NOPASSWD: /sbin/reboot If your user is called user and your host is called host you could add these lines to /etc/sudoers: user host = (root) NOPASSWD: /sbin/shutdown You can use the NOPASSWD directive in your /etc/sudoers file.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |