Comments on: Give users specific access with sudo http://www.ghacks.net/2009/06/24/give-users-specific-access-with-sudo/ A technology news blog covering software, mobile phones, gadgets, security, the Internet and other relevant areas. Sun, 12 Feb 2012 06:10:44 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Give Yourself The Proper Linux Privileges on Your New Machinehttp://www.ghacks.net/2009/06/24/give-users-specific-access-with-sudo/comment-page-1/#comment-1347471 Give Yourself The Proper Linux Privileges on Your New Machine Thu, 16 Jun 2011 07:27:19 +0000 http://www.ghacks.net/?p=13835#comment-1347471 [...] is one that is easily forgotten. Once you have given yourself sudo privileges you can give them to other Linux users as well, whether you have multiple profiles set up for other users on your computer or even [...] [...] is one that is easily forgotten. Once you have given yourself sudo privileges you can give them to other Linux users as well, whether you have multiple profiles set up for other users on your computer or even [...]

]]> By: Give users specific access with sudo - Computer Forumshttp://www.ghacks.net/2009/06/24/give-users-specific-access-with-sudo/comment-page-1/#comment-837543 Give users specific access with sudo - Computer Forums Thu, 25 Jun 2009 12:28:31 +0000 http://www.ghacks.net/?p=13835#comment-837543 [...] [...] [...] [...]

]]> By: thebillywaynehttp://www.ghacks.net/2009/06/24/give-users-specific-access-with-sudo/comment-page-1/#comment-837532 thebillywayne Thu, 25 Jun 2009 12:16:54 +0000 http://www.ghacks.net/?p=13835#comment-837532 Me? Hate on nano? Never. It's just that every sudoers file I've ever read has the following line: # This file MUST be edited with the 'visudo' command as root. But it turns out that I'm wrong. `visudo` has the ability invoke whatever editor you have stored in your $EDITOR variable. from the man page, env_editor If set, visudo will use the value of the EDITOR or VISUAL environment vari- ables before falling back on the default editor list. Note that this may create a security hole as it allows the user to run any arbitrary command as root without logging. A safer alternative is to place a colon-separated list of editors in the editor variable. visudo will then only use the EDITOR or VISUAL if they match a value specified in editor. This flag is on by default. So you can use any editor you like. But you still *have* to use the `visudo` command. So ... export EDITOR=nano sudo visudo nano works fine. However, I have it on good authority that every time someone uses emacs, a puppy somewhere gets shot. Harsh. But true. Me? Hate on nano? Never.

It’s just that every sudoers file I’ve ever read has the following line:
# This file MUST be edited with the ‘visudo’ command as root.

But it turns out that I’m wrong. `visudo` has the ability invoke whatever editor you have stored in your $EDITOR variable.

from the man page,

env_editor
If set, visudo will use the value of the EDITOR or VISUAL environment vari-
ables before falling back on the default editor list. Note that this may
create a security hole as it allows the user to run any arbitrary command as
root without logging. A safer alternative is to place a colon-separated list
of editors in the editor variable. visudo will then only use the EDITOR or
VISUAL if they match a value specified in editor. This flag is on by
default.

So you can use any editor you like. But you still *have* to use the `visudo` command.

So …

export EDITOR=nano
sudo visudo

nano works fine. However, I have it on good authority that every time someone uses emacs, a puppy somewhere gets shot. Harsh. But true.

]]> By: Jack Wallenhttp://www.ghacks.net/2009/06/24/give-users-specific-access-with-sudo/comment-page-1/#comment-837056 Jack Wallen Wed, 24 Jun 2009 21:35:43 +0000 http://www.ghacks.net/?p=13835#comment-837056 Billy: Are you hating on nano? ;-) I bet if I said to edit it with emacs a war would start. Billy: Are you hating on nano? ;-) I bet if I said to edit it with emacs a war would start.

]]> By: Billy Waynehttp://www.ghacks.net/2009/06/24/give-users-specific-access-with-sudo/comment-page-1/#comment-837047 Billy Wayne Wed, 24 Jun 2009 21:23:44 +0000 http://www.ghacks.net/?p=13835#comment-837047 Oh no! You *have* to edit sudoers with `visudo` and nothing else!! sudo visudo you have to learn some basic vi keystrokes but that's better than fubar'ing sudoers! Oh no! You *have* to edit sudoers with `visudo` and nothing else!! sudo visudo

you have to learn some basic vi keystrokes but that’s better than fubar’ing sudoers!

]]>