Open main menu

CDOT Wiki β

Changes

OPS245 Lab 4

184 bytes added, 19:10, 23 January 2021
m
Part 2: Adding Limited Sudo Capabilities to Other Users: - clarifying instructions
<li>Try running that command again, this time with sudo.</li>
<li>It still won't work, because this user does not have permission to use sudo for anything.</li>
<li>Log out from '''ops245_1''' and log back in as your normal user.</li>
<li>Create a file called '''ops245_1''' in '''/etc/sudoers.d'''. Add the following line to it:
<b><code><span style="color:#3366CC;font-size:1.2em;">ops245_1 ALL=(ALL) /usr/bin/systemctl</span></code></b>
::This indicates this user can use sudo to run systemctl commands as if they were any account (root is the important one).
</li>
<li>Log out from your normal user and log back in as '''ops245_1'''.</li>
<li>Try restarting sshd again. This time it should work.</li>
<li>Change to your '''ops245_2''' account, and try restarting sshd (with and without sudo).
::That account still can't. Sudo entries only affect the users and groups listed.</li>
<li>We don't want '''ops245_2''' to manage services, that's a job for '''ops245_1''', but we do want them to manage user accounts. So log back in as your regular user and create a sudeors file for '''ops245_2''' and set it so that they can run the useradd, usermod, userdel, groupadd, groupmod, and groupdel commands through sudo.</li>
<li>Test to make sure it works.</li>
</ol>
 
=INVESTIGATION 3: Managing System Services and Run-levels=
932
edits