Sudo Cheat Sheet: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
(3 intermediate revisions by the same user not shown) | |||
Line 10: | Line 10: | ||
*Allow apache to exec something | *Allow apache to exec something | ||
www-data ALL=NOPASSWD: /path/command | www-data ALL=NOPASSWD: /path/command | ||
*Allow admin to exec something | |||
admin ALL=(ALL:ALL) ALL | |||
*Allow admin - no pwd | |||
admin ALL=(ALL) NOPASSWD:ALL | |||
*Consider to add in ssh config | |||
AllowUsers admin .... or ansible@1.2.3.4 |
Latest revision as of 21:51, 16 February 2023
- Edit
visudo /etc/sudoers
- Ask for root password when exec sudo -i
Defaults rootpw
- Add user to sudo group
usermod -aG sudo username
- Allow apache to exec something
www-data ALL=NOPASSWD: /path/command
- Allow admin to exec something
admin ALL=(ALL:ALL) ALL
- Allow admin - no pwd
admin ALL=(ALL) NOPASSWD:ALL
- Consider to add in ssh config
AllowUsers admin .... or ansible@1.2.3.4