I like the way Ubuntu Linux works - all people in admin groups should able to run all commands after running it via sudo "command-name". How do I setup sudo under CentOS or Red Hat Enterprise Linux to allow all members of the 'admin' group to run all commands?
/etc/sudoers files allows particular users or groups to run various commands as he root user, without needing the root password. This is useful for delegating roles and permissions to other users without sharing the root password. This file must be edited with the visudo command. Login as the root user and enter:
Append the following line:
## Allows people in group admin to run all commands %admin ALL=(ALL) ALL
Save and close the file. Finally, add a group called admin:
# groupadd admin
Add a user called vivek (existing user) to group admin:
# usermod -a -G admin vivek
Verify group membership:
# id vivek
uid=5001(vivek) gid=5001(vivek) groups=5001(vivek),10(admin)
Login as user vivek and to run any command as the root type:
$ sudo /etc/init.d/httpd restart
To gain root shell, enter:
$ sudo -s
When prompted for a password, enter vivek's password.
How Do I Keep Track Of All Users In Admin Group?
sudo can log both successful and unsuccessful attempts (as well as errors) to syslog (default is /var/log/secure), a log file, or both. By default sudo will log via syslog but this is changeable at configure time or via the sudoers file.
# tail -f /var/log/secure
# grep something /var/log/secure
Please note that sudo will normally only log the command it explicitly runs. If a user runs a command such as sudo su or sudo sh, subsequent commands run from that shell will not be logged, nor will sudo’s access control affect them. The same is true for commands that offer shell escapes (including most editors).
See Also:TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!
- 30 Cool Open Source Software I Discovered in 2013
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop