• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

Configuring sudo to Enable Commands for Non-Root Users in Linux

by admin

This post describes how to give sudo permission to non-root users to enable or disable execution of commands. “sudo” tool is used to allow non-root users to run commands that require root privileges. It allows users to run commands as superuser or another user. Login as root user and open “/etc/sudoers” file in edit mode using visudo command:

# visudo
...
## Allow root to run any commands anywhere
root ALL=(ALL) ALL

# Allow kam user to execute iptables & tcpdump commands
# Syntax: Username Hostname= command1,command2

kam server1= /sbin/iptables, /usr/sbin/tcpdump

## Allows members of the 'sys' group to run networking, software,
...

Note: Here, ‘server1’ is the host name of the server. Save and exit visudo.

To enable or disable any command execution for non root user, please edit the same file /etc/sudoers and add or remove commands which you would like to disable for any specific user.

Sudoer file can be used to give root privileges to specific command for specific file. This can be done as:

[user] ALL=(ALL) [command_absolute_path] [file_list_seperated_via_comma]

Example:

Oracle ALL=(ALL) /bin/ls /opt/oracle.ExaWatcher/archive

The spcial symbol “*” can be used for whole subtree. For Example:

Oracle ALL=(ALL) /bin/ls /opt/oracle.ExaWatcher/archive/*

This provide ability to do “ls” with sudo on whole sub-treee (sub directory)

Filed Under: Linux

Some more articles you might also be interested in …

  1. How to modify snmp service to listen to an alternative port in CentOS/RHEL
  2. mailq Command Examples in Linux
  3. Understanding Mac file timestamps
  4. Unable To Boot Up Linux OS with Auditd (CentOS/RHEL)
  5. How to Configure Password Expiration and Complexity Requirements in CentOS/RHEL
  6. How to Reset Root Password in CentOS/RHEL 8
  7. znew Command Examples in Linux
  8. How to Restart Network Services in CentOS/RHEL 8
  9. “ntpq -pn” command returns with error “Name or service not known”
  10. RDEPENDS V/s DEPENDS in Yocto

You May Also Like

Primary Sidebar

Recent Posts

  • vgextend Command Examples in Linux
  • setpci command – configure PCI device
  • db_load command – generate db database
  • bsdtar command – Read and write tape archive files

© 2022 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright