Group with root privileges for special tasks

Support for security such as Firewalls and securing linux
Post Reply
.n3
Posts: 2
Joined: 2017/03/23 11:43:28

Group with root privileges for special tasks

Post by .n3 » 2017/03/23 13:28:41

Hello,

I'm new to CentOS and also to the Linux world. I have setup a CentOS with some services and now I want so customize the user rights. My user is attached to the wheel group to use sudo. That's fine. Now I want to create a new user and add him to a group which also need root privileges, but only for specified commands like firewall-cmd. So every user in this group can execute this command (with sudo), but nothing else like adduser...
I know how to add manage file/directory access with groups, but is it possible to customize root privileges for a special group like described bevor?

cheers

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Group with root privileges for special tasks

Post by TrevorH » 2017/03/23 13:55:26

You can do lots of things with sudo. Check the current contents of visudo and you will see lots of common examples, commented out so that you can amend them to your requirements.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

.n3
Posts: 2
Joined: 2017/03/23 11:43:28

Re: Group with root privileges for special tasks

Post by .n3 » 2017/03/23 14:54:16

Great, thank you very much.

I will create a new command aliases like

Code: Select all

Cmnd_Alias FOOBAR = /sbin/foo, /sbin/bar
and assigned it to a group like

Code: Select all

%my_group ALL = FOOBAR
For specified command I will use something like this.

Code: Select all

%my_group localhost=/sbin/shutdown -h now
Right?

Post Reply