HPE Community
Operating System - HP-UX
1826436 Members
3849 Online
109692 Solutions
New Discussion

How to restrict users in SUDO?

 
Mike_305
Super Advisor

‎08-04-2006 05:38 AM

‎08-04-2006 05:38 AM

How to restrict users in SUDO?

Hi,

How do I specify in sudo to stop all the user from shell level to stop doing any commands, only 4 users should be able to do any root command and force this 4 users to use sudo. I am not sure if it's possible.

How would I configure this?

Thanks,

Mike
If there is problem then don't think as problem, think as opportunity.
0 Kudos
6 REPLIES 6
A. Clay Stephenson
Acclaimed Contributor

‎08-04-2006 05:43 AM

‎08-04-2006 05:43 AM

Re: How to restrict users in SUDO?

Your question is not clear. Are you trying to prevent regular users from ever getting to a shell prompt? If so, sudo has nothing to do with the question. Are you trying to prevent a user from logging in as root? You need to describe the problem better.

If it ain't broke, I can fix that.
0 Kudos
Marvin Strong
Honored Contributor

‎08-04-2006 05:48 AM

‎08-04-2006 05:48 AM

Re: How to restrict users in SUDO?

Not really sure what you are looking for.

If your saying all your users are setup in sudo as ALL ALL then you need to read the sudo documentation it tells exactly how to restrict people.

0 Kudos
Jaime Bolanos Rojas.
Honored Contributor

‎08-04-2006 05:53 AM

‎08-04-2006 05:53 AM

Re: How to restrict users in SUDO?

Mike, take a look at this thread, maybe you can find what you want overthere.

Also sudo is a very complete tool, for which the information on how to restrict users got to be read.

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=87437&admit=-682735245+1154713773183+28353475

Regards,

jaime.
Work hard when the need comes out.
0 Kudos
Mike_305
Super Advisor

‎08-04-2006 06:08 AM

‎08-04-2006 06:08 AM

Re: How to restrict users in SUDO?

Hi,

OK, I am sorry for not being clear but this what I am trying to setup:

I have couple user that need setup in sudo file and I want them to force to user sudo. My understanding was that in order for me to monitor; they need to start the command with sudo (command name).

Also, I am trying to restrict some of them with certain root command.

This is what I have configured in sudo configuration file.

a124 ALL=(root) ALL --> (this means he can do any thing as root)
m5678 ALL=(root) ALL
z789 ALL=(root) ALL
mike ALL=/rm --> (this means that he can not do rm.)

Hopefully I am clear enough.

Appreciate your help.

Thanks,

Mike
If there is problem then don't think as problem, think as opportunity.
0 Kudos
Rick Garland
Honored Contributor

‎08-04-2006 07:25 AM

‎08-04-2006 07:25 AM

Re: How to restrict users in SUDO?

Preceed the commands with the bang (!) character

Example
mike !rm --> (this means that he can not do rm.)

0 Kudos
Mike_305
Super Advisor

‎08-05-2006 11:10 AM

‎08-05-2006 11:10 AM

Re: How to restrict users in SUDO?

Thanks for your help.
If there is problem then don't think as problem, think as opportunity.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.