Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## sudoers file.
- ##
- ## This file MUST be edited with the 'visudo' command as root.
- ## Failure to use 'visudo' may result in syntax or file permission errors
- ## that prevent sudo from running.
- ##
- ## See the sudoers man page for the details on how to write a sudoers file.
- ##
- ##
- ## Host alias specification
- ##
- ## Groups of machines. These may include host names (optionally with wildcards),
- ## IP addresses, network numbers or netgroups.
- # Host_Alias WEBSERVERS = www1, www2, www3
- ##
- ## User alias specification
- ##
- ## Groups of users. These may consist of user names, uids, Unix groups,
- ## or netgroups.
- # User_Alias ADMINS = millert, dowdy, mikef
- ##
- ## Cmnd alias specification
- ##
- ## Groups of commands. Often used to group related commands together.
- # Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
- # /usr/bin/pkill, /usr/bin/top
- #
- # Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
- #
- # Cmnd_Alias DEBUGGERS = /usr/bin/gdb, /usr/bin/lldb, /usr/bin/strace, \
- # /usr/bin/truss, /usr/bin/bpftrace, \
- # /usr/bin/dtrace, /usr/bin/dtruss
- #
- # Cmnd_Alias PKGMAN = /usr/bin/apt, /usr/bin/dpkg, /usr/bin/rpm, \
- # /usr/bin/yum, /usr/bin/dnf, /usr/bin/zypper, \
- # /usr/bin/pacman
- ##
- ## Defaults specification
- ##
- ## You may wish to keep some of the following environment variables
- ## when running commands via sudo.
- ##
- ## Locale settings
- # Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
- ##
- ## Run X applications through sudo; HOME is used to find the
- ## .Xauthority file. Note that other programs use HOME to find
- ## configuration files and this may lead to privilege escalation!
- # Defaults env_keep += "HOME"
- ##
- ## X11 resource path settings
- # Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
- ##
- ## Desktop path settings
- # Defaults env_keep += "QTDIR KDEDIR"
- ##
- ## Allow sudo-run commands to inherit the callers' ConsoleKit session
- # Defaults env_keep += "XDG_SESSION_COOKIE"
- ##
- ## Uncomment to enable special input methods. Care should be taken as
- ## this may allow users to subvert the command being run via sudo.
- # Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
- ##
- ## Uncomment to use a hard-coded PATH instead of the user's to find commands
- # Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
- ##
- ## Uncomment to restore the historic behavior where a command is run in
- ## the user's own terminal.
- # Defaults !use_pty
- ##
- ## Uncomment to send mail if the user does not enter the correct password.
- # Defaults mail_badpass
- ##
- ## Uncomment to enable logging of a command's output, except for
- ## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
- ## Sudo will create up to 2,176,782,336 I/O logs before recycling them.
- ## Set maxseq to a smaller number if you don't have unlimited disk space.
- # Defaults log_output
- # Defaults!/usr/bin/sudoreplay !log_output
- # Defaults!/usr/local/bin/sudoreplay !log_output
- # Defaults!REBOOT !log_output
- # Defaults maxseq = 1000
- ##
- ## Uncomment to disable intercept and log_subcmds for debuggers and
- ## tracers. Otherwise, anything that uses ptrace(2) will be unable
- ## to run under sudo if intercept_type is set to "trace".
- # Defaults!DEBUGGERS !intercept, !log_subcmds
- ##
- ## Uncomment to disable intercept and log_subcmds for package managers.
- ## Some package scripts run a huge number of commands, which is made
- ## slower by these options and also can clutter up the logs.
- # Defaults!PKGMAN !intercept, !log_subcmds
- ##
- ## Runas alias specification
- ##
- ##
- ## User privilege specification
- ##
- root ALL=(ALL:ALL) ALL
- ## Uncomment to allow members of group wheel to execute any command
- # %wheel ALL=(ALL:ALL) ALL
- ## Same thing without a password
- # %wheel ALL=(ALL:ALL) NOPASSWD: ALL
- ## Uncomment to allow members of group sudo to execute any command
- # %sudo ALL=(ALL:ALL) ALL
- ## Uncomment to allow any user to run sudo if they know the password
- ## of the user they are running the command as (root by default).
- # Defaults targetpw # Ask for the password of the target user
- # ALL ALL=(ALL:ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
- ## Read drop-in files from /etc/sudoers.d
- @includedir /etc/sudoers.d
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement