Skip to content

Latest commit

 

History

History
20 lines (18 loc) · 836 Bytes

user-group-permission-management.md

File metadata and controls

20 lines (18 loc) · 836 Bytes
Raw

Linux permissions: SUID, SGID, and sticky bit

Linux Sudoers Setting

  1. Allow member of group sudo to run below command
%sudo   ALL=(ALL:ALL) /path/to/allowed/command1,/path/to/allowed/command2
  1. If you want to allow the user to run the allowed commands without entering a password, you can append NOPASSWD: before the command path
%sudo  ALL=(ALL)  NOPASSWD: /path/to/allowed/command
  1. disallow all commands, then allow only poweroff without asking password
# Allow guestx user to remote poweroff
guestx ALL=(ALL) !ALL
guestx ALL=NOPASSWD: /sbin/poweroff

References

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_basic_system_settings/managing-sudo-access_configuring-basic-system-settings