It may not be a good idea to grant full root-equivalent privilege to Unix-like OS users. Access should be granted based on actual needs.
You should not edit sudoers directly, by opening it in a text editor. Instead, edit it with visudo, which will verify its validity before saving the changes to disk.
/etc/sudoers
Host alias specification
User alias specification
Cmnd alias specification
User privilege specification
root ALL=(ALL:ALL) ALL
Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
Here, "root ALL=(ALL:ALL) ALL" states that the user root, logged in to any hostname, may run, as a user or group, any command. The general form of this directive is:
user hostname=(run-as-user:run-as-group) command
The special word ALL may be used for any of these values and means that any are allowed.
hope myhost=(mysqluser:mysqlusers) mysqldump
User hope, when logged in to host myhost, may run the command mysqldump as user mysqluser or a member of group mysqlusers. For example, this directive would allow user hope to run this command:
sudo -u mysqluser -g mysqlusers mysqldump
Top comments (0)