🐏 mogoz

Search

Syntax
Resources

sudo

May 25, 2025, 1 min read

tags : Linux, Security

Syntax

%coolgroup HOST=(user1:group1) commands_allowed_set1, (user2:group4) commands_allowed_set2
- = : RHS(user/group+hostnames), LHS(target user/group+command list)
  - RHS
    - %coolgroup : The user/group. % prefix for groups.
    - HOST : List of hostnames on which this sudo entry will be effective. Usually, (localhost) so this field is usually left as ALL.
  - LHS
    - This can be comma separated list, usually it’s just one set. Explanation for the first pair in the list.
    - (user1:group1): Specifies which users (and groups) coolgroup will be able to run the commands as.
    - commands_allowed_set1 : List of commands(comma separated) coolgroup will be able to run with elevated privileges.
- Examples
  - %coolgroup ALL=(ALL) ALL
    - LHS
      - (ALL) : %coolgroup will only be able to run as all users. Not groups. sudo cannot be used with -g by that user for the commands.
      - ALL : All commands are allowed.
  - %coolgroup ALL=(ALL:ALL) ALL
    - LHS
      - (ALL:ALL) : %coolgroup will only be able to run as all users and all groups.
      - ALL : All commands are allowed.

Resources

Understanding sudoers(5) syntax

Graph View

Backlinks

No backlinks found

Created with Quartz v4.1.0, © 2025

GitHub
Twitter