Sudoers
Sudo ist ein nettes Hilfsmittel, administrative Aufgaben zu delegieren, resp Anderen zu überlassen, ohne gleich den root aus den Fingern zu geben ;-)
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
Host_Alias SYSTEM = ipserv1, ipserv2
# User alias specification
User_Alias IPMAN = ipman,localadm
# Cmnd alias specification
Cmnd_Alias SHRC = /opt/qip50/etc/shrc
Cmnd_Alias QIPRSSTART = /opt/qip50/etc/qip-rs-startup
Cmnd_Alias QIPNETD = /opt/qip50/usr/bin/qip-netd
Cmnd_Alias QIPDHCPMSGD = /opt/qip50/usr/bin/qip-dhcpmsgd
Cmnd_Alias QIPDHCPD = /opt/qip50/usr/bin/dhcpd
Cmnd_Alias QIPRMTD = /opt/qip50/usr/bin/qip-rmtd
Cmnd_Alias NAMED = /usr/sbin/in.named
Cmnd_Alias NDC = /usr/sbin/in.ndc
Cmnd_Alias QIP = /etc/init.d/qip
Cmnd_Alias KILL = /usr/bin/kill
Cmnd_Alias FIND = /usr/bin/find
Cmnd_Alias VI = /usr/bin/vi
Cmnd_Alias TAIL = /usr/bin/tail
Cmnd_Alias CAT = /usr/bin/cat
Cmnd_Alias MORE = /usr/bin/more
Cmnd_Alias GREP = /usr/bin/grep
Cmnd_Alias MV = /usr/bin/mv
Cmnd_Alias CP = /usr/bin/cp
# Defaults specification
Defaults@SYSTEM log_year, logfile=/var/log/sudo.log
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users www.jakl.ch=/sbin/shutdown -h now
IPMAN SYSTEM = NOPASSWD : SHRC
IPMAN SYSTEM = NOPASSWD : QIPRSSTART
IPMAN SYSTEM = NOPASSWD : QIPNETD
IPMAN SYSTEM = NOPASSWD : QIPDHCPMSGD
IPMAN SYSTEM = NOPASSWD : QIPDHCPD
IPMAN SYSTEM = NOPASSWD : QIPRMTD
IPMAN SYSTEM = NOPASSWD : NAMED
IPMAN SYSTEM = NOPASSWD : NDC
IPMAN SYSTEM = NOPASSWD : QIP
IPMAN SYSTEM = NOPASSWD : KILL
IPMAN SYSTEM = NOPASSWD : FIND
IPMAN SYSTEM = NOPASSWD : VI
IPMAN SYSTEM = NOPASSWD : TAIL
IPMAN SYSTEM = NOPASSWD : GREP
IPMAN SYSTEM = NOPASSWD : CAT
IPMAN SYSTEM = NOPASSWD : MORE
IPMAN SYSTEM = NOPASSWD : MV
IPMAN SYSTEM = NOPASSWD : CP
#########################################
########################################
######## EINFACHERES SETUP ############
#######################################
######################################
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
Host_Alias SYSTEM = zoidberg, leela, bender, fry
# User alias specification
User_Alias MEDU = a129305, a169336, a116557, a277794, a625760, a300535, a732527, a356217, a650531, a319720, a287726, a507639, a653499, a516235, a372877, a570527, a711344, a171557, a791254, a283047, a689971, a681322, a685360, a940982, a363695, a111583, a691325, a725945, a661274, a122852, a590057, a484613, a132198, a522711, a396633, a124331, a120526, atcim11
# Cmnd alias specification
Cmnd_Alias PRT = /pdm/encaps/axsCheckprint/ccp_3.pl, \
/pdm/encaps/axsCheckprint/ttgui.pl, \
/pdm/encaps/srtBulletin/start_re4sb, \
/pdm/encaps/srtTools/SRT_create_cust_mi-srv.pl, \
/pdm/encaps/srtTools/SRT_sb_delete-srv.pl, \
/opt/medoc/perl/bin/perl
# Defaults specification
Defaults@SYSTEM log_year, logfile=/var/log/sudo.log
# Runas alias specification
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
#%wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users www.jakl.ch=/sbin/shutdown -h now
MEDU SYSTEM = (sysadmin) NOPASSWD: PRT
# su - auf einen user machen der keine pw hat und sich nicht einloggen kann
%operator ALL = NOPASSWD: /usr/bin/su operator