https://community.hpe.com/t5/operating-system-hp-ux/sudoers-file/m-p/6217175#M485392 <P>Line 1:</P><P>&gt; User_Alias ADMINS = user1, user2</P><P>&nbsp;</P><P>This defines an "user alias": a collective name for a set of one or more users, for the purpose of identifying the users who can do something with sudo.</P><P>&nbsp;</P><P>There are other alias types: Host_Alias for defining a set of hosts, Runas_Alias for defining a set of users someone can run commands as, and Cmnd_Alias for defining a set of commands you might allow to be run through sudo.</P><P>&nbsp;</P><P>You don't *have* to use any of these aliases, but if your sudo configuration is complex, the aliases will allow you to group things so you don't have to repeat long lists of users/hosts/commands.</P><P>&nbsp;</P><P>Line 2:</P><P>&gt; <FONT color="#FF0000">root</FONT>&nbsp;&nbsp;&nbsp; <FONT color="#99CC00">ALL</FONT> = (<FONT color="#800080">ALL</FONT>) <FONT color="#0000FF">ALL</FONT></P><P>&nbsp;</P><P>This is the basic form of a sudoers user specification.</P><P>It says that <FONT color="#FF0000">root</FONT> is allowed to use sudo <FONT color="#99CC00">on all hosts using this sudoers file</FONT>, to <FONT color="#0000FF">run all possible commands</FONT>, <FONT color="#800080">as any user</FONT>.</P><P>&nbsp;</P><P>When a sudoers file is used on a single host, most sysadmins won't bother using the actual hostname in the hosts field; they will type "ALL" in the host field instead.</P><P>&nbsp;</P><P>If you have a centrally managed sudoers file that is used on multiple hosts, you can use the hosts field to restrict some sudoers user specifications to a particular (set of) host(s) only.</P><P><BR />Line 3:</P><P>&gt; <FONT color="#FF0000">ADMINS</FONT> <FONT color="#99CC00">ALL</FONT> = NOPASSWD: <FONT color="#0000FF">ALL</FONT></P><P>&nbsp;</P><P>This is another user specification, using the ADMINS user alias defined on line 1.</P><P>It also has the NOPASSWD tag, indicating that no password prompt will be presented before running the command.</P><P>&nbsp;</P><P>The users listed by the ADMINS user alias may run <FONT color="#0000FF">all commands</FONT> as root (if the run-as field is omitted, the default value of <FONT color="#800080"><FONT color="#000000">(</FONT>root<FONT color="#000000">)</FONT></FONT> is assumed.</P><P>&nbsp;</P><P>So, line 3 could is exactly equivalent to:</P><PRE>user1, user2 ALL = (root) NOPASSWD: ALL</PRE><P>&nbsp;</P><P>You might want to write a comment like this as a syntax reminder to your sudoers file:</P><PRE># &lt;WHO does&gt; &lt;WHERE&gt; = (&lt;as WHO&gt;) &lt;WHAT&gt; </PRE><P>&nbsp;</P> Wed, 25 Sep 2013 19:10:19 GMT Matti_Kurkela 2013-09-25T19:10:19Z https://community.hpe.com/t5/operating-system-hp-ux/sudoers-file/m-p/6216927#M485391 <P>Hi</P><P>&nbsp;</P><P>User_Alias&nbsp;&nbsp;&nbsp;&nbsp; ADMINS =&nbsp; user1, user2<BR />root&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ALL = (ALL) ALL<BR />ADMINS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ALL = NOPASSWD: ALL</P><P>&nbsp;</P><P>--&gt; 1.Can you explain me the Line 1,2 3.</P><P>&nbsp;</P><P>--&gt; 2.suppose if i am adding user3 instead of root in Line 2 ,at this point what it refers to.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 25 Sep 2013 15:22:27 GMT https://community.hpe.com/t5/operating-system-hp-ux/sudoers-file/m-p/6216927#M485391 tempsample 2013-09-25T15:22:27Z https://community.hpe.com/t5/operating-system-hp-ux/sudoers-file/m-p/6217175#M485392 <P>Line 1:</P><P>&gt; User_Alias ADMINS = user1, user2</P><P>&nbsp;</P><P>This defines an "user alias": a collective name for a set of one or more users, for the purpose of identifying the users who can do something with sudo.</P><P>&nbsp;</P><P>There are other alias types: Host_Alias for defining a set of hosts, Runas_Alias for defining a set of users someone can run commands as, and Cmnd_Alias for defining a set of commands you might allow to be run through sudo.</P><P>&nbsp;</P><P>You don't *have* to use any of these aliases, but if your sudo configuration is complex, the aliases will allow you to group things so you don't have to repeat long lists of users/hosts/commands.</P><P>&nbsp;</P><P>Line 2:</P><P>&gt; <FONT color="#FF0000">root</FONT>&nbsp;&nbsp;&nbsp; <FONT color="#99CC00">ALL</FONT> = (<FONT color="#800080">ALL</FONT>) <FONT color="#0000FF">ALL</FONT></P><P>&nbsp;</P><P>This is the basic form of a sudoers user specification.</P><P>It says that <FONT color="#FF0000">root</FONT> is allowed to use sudo <FONT color="#99CC00">on all hosts using this sudoers file</FONT>, to <FONT color="#0000FF">run all possible commands</FONT>, <FONT color="#800080">as any user</FONT>.</P><P>&nbsp;</P><P>When a sudoers file is used on a single host, most sysadmins won't bother using the actual hostname in the hosts field; they will type "ALL" in the host field instead.</P><P>&nbsp;</P><P>If you have a centrally managed sudoers file that is used on multiple hosts, you can use the hosts field to restrict some sudoers user specifications to a particular (set of) host(s) only.</P><P><BR />Line 3:</P><P>&gt; <FONT color="#FF0000">ADMINS</FONT> <FONT color="#99CC00">ALL</FONT> = NOPASSWD: <FONT color="#0000FF">ALL</FONT></P><P>&nbsp;</P><P>This is another user specification, using the ADMINS user alias defined on line 1.</P><P>It also has the NOPASSWD tag, indicating that no password prompt will be presented before running the command.</P><P>&nbsp;</P><P>The users listed by the ADMINS user alias may run <FONT color="#0000FF">all commands</FONT> as root (if the run-as field is omitted, the default value of <FONT color="#800080"><FONT color="#000000">(</FONT>root<FONT color="#000000">)</FONT></FONT> is assumed.</P><P>&nbsp;</P><P>So, line 3 could is exactly equivalent to:</P><PRE>user1, user2 ALL = (root) NOPASSWD: ALL</PRE><P>&nbsp;</P><P>You might want to write a comment like this as a syntax reminder to your sudoers file:</P><PRE># &lt;WHO does&gt; &lt;WHERE&gt; = (&lt;as WHO&gt;) &lt;WHAT&gt; </PRE><P>&nbsp;</P> Wed, 25 Sep 2013 19:10:19 GMT https://community.hpe.com/t5/operating-system-hp-ux/sudoers-file/m-p/6217175#M485392 Matti_Kurkela 2013-09-25T19:10:19Z