Sudo Cheat Sheet
- Edit
visudo /etc/sudoers
- Ask for root password when exec sudo -i
Defaults rootpw
- Add user to sudo group
usermod -aG sudo username
- Allow apache to exec something
www-data ALL=NOPASSWD: /path/command
- Allow admin to exec something
admin ALL=(ALL:ALL) ALL
- Allow admin - no pwd
admin ALL=(ALL) NOPASSWD:ALL
- Consider to add in ssh config
AllowUsers admin .... or ansible@1.2.3.4