0
1
Suppose root user created a user say user1, and made entries in /etc/sudoers file for "user1" as "user1 ALL=(ALL) ALL". How can user1 check that he has privileges identical to root user ? Does it require to create a shell script for it ?
Java_Linux_Buddy_112358
Posted 2013-11-18T11:07:55.803
Reputation: 11
2
A user can see what he is allowed to run using sudo by running sudo -ll. No script is required. Below is an example:
$ sudo -ll
Matching Defaults entries for user1 on this host:
env_reset, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User user1 may run the following commands on this host:
Sudoers entry:
RunAsUsers: ALL
RunAsGroups: ALL
Commands:
ALL
To check if a certain command is allowed you can use sudo -l command. If the command is allowed the full path will be printed.
$ sudo -l ls
/bin/ls
To see what a different user is allowed to do you can add the option -U username.
pabouk
Posted 2013-11-18T11:07:55.803
Reputation: 5 358
sudo -ll will ask my password, is that correct? – Braiam – 2013-11-18T13:36:07.183
@Braiam: Yes, of course. It would be a security hazard to reveal such a sensitive information without authenticating the user. ...but if you allow the user to use sudo without a password (using the NOPASSWD: directive) then sudo -ll will not ask for a password. – pabouk – 2013-11-18T13:49:32.627
Have a look at this - http://superuser.com/questions/553932/how-to-check-if-i-have-sudo-access
– Lawrence – 2013-11-18T11:57:58.203