0
1
Suppose root user created a user say user1, and made entries in /etc/sudoers file for "user1" as "user1 ALL=(ALL) ALL". How can user1 check that he has privileges identical to root user ? Does it require to create a shell script for it ?
0
1
Suppose root user created a user say user1, and made entries in /etc/sudoers file for "user1" as "user1 ALL=(ALL) ALL". How can user1 check that he has privileges identical to root user ? Does it require to create a shell script for it ?
2
A user can see what he is allowed to run using sudo
by running sudo -ll
. No script is required. Below is an example:
$ sudo -ll
Matching Defaults entries for user1 on this host:
env_reset, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User user1 may run the following commands on this host:
Sudoers entry:
RunAsUsers: ALL
RunAsGroups: ALL
Commands:
ALL
To check if a certain command is allowed you can use sudo -l command
. If the command is allowed the full path will be printed.
$ sudo -l ls
/bin/ls
To see what a different user is allowed to do you can add the option -U username
.
sudo -ll
will ask my password, is that correct? – Braiam – 2013-11-18T13:36:07.183
@Braiam: Yes, of course. It would be a security hazard to reveal such a sensitive information without authenticating the user. ...but if you allow the user to use sudo
without a password (using the NOPASSWD:
directive) then sudo -ll
will not ask for a password. – pabouk – 2013-11-18T13:49:32.627
Have a look at this - http://superuser.com/questions/553932/how-to-check-if-i-have-sudo-access
– Lawrence – 2013-11-18T11:57:58.203