10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

3 Responses

  1. Brain says:

    Hi,

    Thanks for the nice overview.

    Can you help with this?

    I want to mount a special source without root privileges. So I made an entry in the /ect/sudoers file:

    username       ALL = NOPASSWD: /sbin/mount.cifs, /bin/umount /mnt/folder
    

    How can I restrict the source that I want to mount to be only one that can be mounted. Now username can mount everything.

    Thanks in advance.

    Bye,

    • Garry Garrett says:

      I think what you may want to do is, instead of using sudo, add the mount to /etc/fstab, and include the option “user” (see the man page on “mount”). What this will do is allow ordinary users to mount/unmount the filesystem. That would allow ALL users to mount/unmount it. They can then say “mount /mnt/folder“. This mount option is specific to Linux and would not work on other flavors of Unix.

      Another option would be to use the automounter. You could setup a direct automount map. Then whenever a user does “cd /mnt/folder“, it mounts. After it mounts, every 5 minutes, it half-heartedly attempts to unmount it, which will not be successful if it is still in use. Again, this would allow ALL users to mount it.

      If you really want just the one user to be able to mount/unmount, then you’d need to spell out the full mount command (not /sbin/mount.cifs):

      user ALL = NOPASSWD: /bin/mount /path-to-device /mnt/folder, /bin/umount /mnt/folder

      (there might be some options you’ll want to specify after “mount”, e.g. “-o ro”, “-t cifs”, etc.). The user will then need to type the command-line exactly as it appears in sudoers (if they are not that savvy, create them an alias).

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.