Saturday, August 8, 2009

Granting Privileges to a Group via sudo

Let a set of users run commands as another user.


Define a Linux group containing those users:

/etc/group:
mygroup:x:1200:joe,jane,hiram,krishna
Then create a sudo rule with the %groupname syntax:

/etc/sudoers:
# Let the group run a particular program:
%mygroup ALL = (root) /usr/local/bin/mycommand arg1 arg2
# Give full superuser privileges to the group
%mygroup ALL = (ALL) ALL

No comments:

Post a Comment