Linux Sudo Restriction

Posted on August 6, 2008

Question: How can I make extra sudo restriction on Linux?

Solutions:
Type: visudo
insert a line
#Disable sudo su -
username ALL=(ALL) ALL, !/bin/su, !/bin/su -, !/bin/su - *
test ALL=(ALL) ALL, !/bin/su, !/bin/su -, !/bin/su - *

#Disable reset root password
username ALL=(ALL) ALL, !/usr/bin/passwd root
test ALL=(ALL) ALL, !/usr/bin/passwd root

#Disable visudo
username ALL=(ALL) ALL, !/usr/sbin/visudo
test ALL=(ALL) ALL, !/usr/sbin/visudo

Save and exit.

Basically you can combine the example as above into single if apply to same username.
For an example:
test ALL=(ALL) ALL, !/bin/su, !/bin/su -, !/bin/su - *, !/usr/bin/passwd root, !/usr/sbin/visudo

Possibly Related Posts:

« SFTP connection error

Categories How's To, Open Source, Tips

Thanks to VMware ESX 3.5 Update 2 Bug »

Comments

Leave a Reply

Recent Comments
Categories
- Advertisement
- Aggregates
- Announcement
- Blog
- Blogroll
- Contacts
- Events
- Forum
- How's To
- ISP
- Make Money
- Microsoft
- News
- Open Source
- Personal
- Politics
- Poll
- SEO
- Soccer
- Tips
- Training
- Uncategorized
- VMware
- Web 2.0
- Windows

Linux Sudo Restriction

Comments

Planet Malaysia

Recent Comments

Categories

Recent Posts

Archives

Recently Written

Recent Comments

Yearly Archives

Subscribe RSS Feed

Find It