sudoers sudoedit recursive wildcard

You could give the user access to the sudo group:

Here's how I setup a non-root user on Ubuntu 18.04:

groupadd -g 999 foobaz && useradd -u 999 -g foobaz -G sudo -m -s /bin/bash foobaz &&
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' &&
echo "foobaz ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers &&
echo "Enabled passwordless access to the sudo group for the foobaz user!" &&
echo "foobaz user:";  su - foobaz -c id

What happens with the above code:

The user and group foobaz is created.
The user foobaz is added to the both the foobaz and sudo group.
The uid and gid is set to the value of 999.
The home directory is set to /home/foobaz.
The shell is set to /bin/bash.
The sed command does inline updates to the /etc/sudoers file to allow foobaz and root users passwordless access to the sudo group.
The sed command disables the #includedir directive that would allow any files in subdirectories to override these inline updates.

Then you'll be able to run su foobaz, sudo -s, exit, etc.

If you want the short version, just run:

echo "foobaz ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

Beware that this will append to the existing /etc/sudoers file instead of properly updating the contents.

Seth Bergman

Posted 2019-10-03T15:16:04.350

Reputation: 23

Not sure you can do that. The command is run 'as is'. Anyway, once you are inside the editor, I don't know what would stop the user to open another file. What is it you are trying to do? – Eduardo Trápani – 2019-10-03T15:36:02.697

@EduardoTrápani - want to let a support user edit config files in a non-sensitive area without changing permissions on those files (as it would require changing the installation process of tons of software) – bobah – 2019-10-03T16:15:18.840

sudoers sudoedit recursive wildcard

Answers