Sudo Cheat Sheet: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 11: | Line 11: | ||
www-data ALL=NOPASSWD: /path/command | www-data ALL=NOPASSWD: /path/command | ||
*Allow | *Allow admin to exec something | ||
admin ALL=(ALL:ALL) ALL | admin ALL=(ALL:ALL) ALL | ||
*Allow admin - no pwd | |||
admin ALL=(ALL) NOPASSWD:ALL | |||
*Consider to add in ssh config | *Consider to add in ssh config | ||
AllowUsers admin .... or ansible@1.2.3.4 | AllowUsers admin .... or ansible@1.2.3.4 | ||
Latest revision as of 21:51, 16 February 2023
- Edit
visudo /etc/sudoers
- Ask for root password when exec sudo -i
Defaults rootpw
- Add user to sudo group
usermod -aG sudo username
- Allow apache to exec something
www-data ALL=NOPASSWD: /path/command
- Allow admin to exec something
admin ALL=(ALL:ALL) ALL
- Allow admin - no pwd
admin ALL=(ALL) NOPASSWD:ALL
- Consider to add in ssh config
AllowUsers admin .... or ansible@1.2.3.4