testan a reboold
This commit is contained in:
@@ -0,0 +1,47 @@
|
|||||||
|
#
|
||||||
|
# This file MUST be edited with the 'visudo' command as root.
|
||||||
|
#
|
||||||
|
# Please consider adding local content in /etc/sudoers.d/ instead of
|
||||||
|
# directly modifying this file.
|
||||||
|
#
|
||||||
|
# See the man page for details on how to write a sudoers file.
|
||||||
|
#
|
||||||
|
Defaults env_reset
|
||||||
|
Defaults mail_badpass
|
||||||
|
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
|
|
||||||
|
# This fixes CVE-2005-4890 and possibly breaks some versions of kdesu
|
||||||
|
# (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532)
|
||||||
|
Defaults use_pty
|
||||||
|
|
||||||
|
# This preserves proxy settings from user environments of root
|
||||||
|
# equivalent users (group sudo)
|
||||||
|
#Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy"
|
||||||
|
|
||||||
|
# This allows running arbitrary commands, but so does ALL, and it means
|
||||||
|
# different sudoers have their choice of editor respected.
|
||||||
|
#Defaults:%sudo env_keep += "EDITOR"
|
||||||
|
|
||||||
|
# Completely harmless preservation of a user preference.
|
||||||
|
#Defaults:%sudo env_keep += "GREP_COLOR"
|
||||||
|
|
||||||
|
# While you shouldn't normally run git as root, you need to with etckeeper
|
||||||
|
#Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*"
|
||||||
|
|
||||||
|
# Per-user preferences; root won't have sensible values for them.
|
||||||
|
#Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME"
|
||||||
|
|
||||||
|
# "sudo scp" or "sudo rsync" should be able to use your SSH agent.
|
||||||
|
#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK"
|
||||||
|
|
||||||
|
# User privilege specification
|
||||||
|
root ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# Allow members of group sudo to execute any command
|
||||||
|
# %sudo ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# passwordless sudo for sudo group
|
||||||
|
%sudo ALL = (ALL) NOPASSWD: ALL
|
||||||
|
|
||||||
|
# See sudoers(5) for more information on "@include" directives:
|
||||||
|
@includedir /etc/sudoers.d
|
||||||
@@ -0,0 +1,47 @@
|
|||||||
|
#
|
||||||
|
# This file MUST be edited with the 'visudo' command as root.
|
||||||
|
#
|
||||||
|
# Please consider adding local content in /etc/sudoers.d/ instead of
|
||||||
|
# directly modifying this file.
|
||||||
|
#
|
||||||
|
# See the man page for details on how to write a sudoers file.
|
||||||
|
#
|
||||||
|
Defaults env_reset
|
||||||
|
Defaults mail_badpass
|
||||||
|
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
|
|
||||||
|
# This fixes CVE-2005-4890 and possibly breaks some versions of kdesu
|
||||||
|
# (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532)
|
||||||
|
Defaults use_pty
|
||||||
|
|
||||||
|
# This preserves proxy settings from user environments of root
|
||||||
|
# equivalent users (group sudo)
|
||||||
|
#Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy"
|
||||||
|
|
||||||
|
# This allows running arbitrary commands, but so does ALL, and it means
|
||||||
|
# different sudoers have their choice of editor respected.
|
||||||
|
#Defaults:%sudo env_keep += "EDITOR"
|
||||||
|
|
||||||
|
# Completely harmless preservation of a user preference.
|
||||||
|
#Defaults:%sudo env_keep += "GREP_COLOR"
|
||||||
|
|
||||||
|
# While you shouldn't normally run git as root, you need to with etckeeper
|
||||||
|
#Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*"
|
||||||
|
|
||||||
|
# Per-user preferences; root won't have sensible values for them.
|
||||||
|
#Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME"
|
||||||
|
|
||||||
|
# "sudo scp" or "sudo rsync" should be able to use your SSH agent.
|
||||||
|
#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK"
|
||||||
|
|
||||||
|
# User privilege specification
|
||||||
|
root ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# Allow members of group sudo to execute any command
|
||||||
|
# %sudo ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# passwordless sudo for sudo group
|
||||||
|
%sudo ALL = (ALL) NOPASSWD: ALL
|
||||||
|
|
||||||
|
# See sudoers(5) for more information on "@include" directives:
|
||||||
|
@includedir /etc/sudoers.d
|
||||||
+5
-3
@@ -61,16 +61,18 @@ sudo bash -c "cat $udev_new > $udev_rule"
|
|||||||
# setup and install root crontabs
|
# setup and install root crontabs
|
||||||
echo -e "\tInstalling crontabs! just save file and exit with no edits"
|
echo -e "\tInstalling crontabs! just save file and exit with no edits"
|
||||||
read -p "Press ENTER to Continue"
|
read -p "Press ENTER to Continue"
|
||||||
|
sudo crontab -e
|
||||||
(sudo crontab -l 2>/dev/null && sudo cat $crontab_new) | sudo crontab -
|
(sudo crontab -l 2>/dev/null && sudo cat $crontab_new) | sudo crontab -
|
||||||
|
## test it
|
||||||
|
# sudo visudo -c
|
||||||
|
|
||||||
# set up passwordless sudo
|
# set up passwordless sudo
|
||||||
## backup first
|
## backup first
|
||||||
sudo cp /etc/sudoers /etc/sudoers.bak
|
sudo cp /etc/sudoers /etc/sudoers.bak
|
||||||
## replace sudoers with mine
|
## replace sudoers with mine
|
||||||
sudo cat $sudoers_new > $sudoers
|
sudo cat $sudoers_new > $sudoers
|
||||||
## test it
|
|
||||||
# sudo visudo -c
|
# config hwclockset
|
||||||
## config hwclockset
|
|
||||||
# echo -e "\tConfiguring hwclockset"
|
# echo -e "\tConfiguring hwclockset"
|
||||||
# sudo bash -c "cat $hwclockset_new > $hwclockset"
|
# sudo bash -c "cat $hwclockset_new > $hwclockset"
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,47 @@
|
|||||||
|
#
|
||||||
|
# This file MUST be edited with the 'visudo' command as root.
|
||||||
|
#
|
||||||
|
# Please consider adding local content in /etc/sudoers.d/ instead of
|
||||||
|
# directly modifying this file.
|
||||||
|
#
|
||||||
|
# See the man page for details on how to write a sudoers file.
|
||||||
|
#
|
||||||
|
Defaults env_reset
|
||||||
|
Defaults mail_badpass
|
||||||
|
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
|
|
||||||
|
# This fixes CVE-2005-4890 and possibly breaks some versions of kdesu
|
||||||
|
# (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532)
|
||||||
|
Defaults use_pty
|
||||||
|
|
||||||
|
# This preserves proxy settings from user environments of root
|
||||||
|
# equivalent users (group sudo)
|
||||||
|
#Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy"
|
||||||
|
|
||||||
|
# This allows running arbitrary commands, but so does ALL, and it means
|
||||||
|
# different sudoers have their choice of editor respected.
|
||||||
|
#Defaults:%sudo env_keep += "EDITOR"
|
||||||
|
|
||||||
|
# Completely harmless preservation of a user preference.
|
||||||
|
#Defaults:%sudo env_keep += "GREP_COLOR"
|
||||||
|
|
||||||
|
# While you shouldn't normally run git as root, you need to with etckeeper
|
||||||
|
#Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*"
|
||||||
|
|
||||||
|
# Per-user preferences; root won't have sensible values for them.
|
||||||
|
#Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME"
|
||||||
|
|
||||||
|
# "sudo scp" or "sudo rsync" should be able to use your SSH agent.
|
||||||
|
#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK"
|
||||||
|
|
||||||
|
# User privilege specification
|
||||||
|
root ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# Allow members of group sudo to execute any command
|
||||||
|
# %sudo ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# passwordless sudo for sudo group
|
||||||
|
%sudo ALL = (ALL) NOPASSWD: ALL
|
||||||
|
|
||||||
|
# See sudoers(5) for more information on "@include" directives:
|
||||||
|
@includedir /etc/sudoers.d
|
||||||
@@ -0,0 +1,47 @@
|
|||||||
|
#
|
||||||
|
# This file MUST be edited with the 'visudo' command as root.
|
||||||
|
#
|
||||||
|
# Please consider adding local content in /etc/sudoers.d/ instead of
|
||||||
|
# directly modifying this file.
|
||||||
|
#
|
||||||
|
# See the man page for details on how to write a sudoers file.
|
||||||
|
#
|
||||||
|
Defaults env_reset
|
||||||
|
Defaults mail_badpass
|
||||||
|
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
|
|
||||||
|
# This fixes CVE-2005-4890 and possibly breaks some versions of kdesu
|
||||||
|
# (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532)
|
||||||
|
Defaults use_pty
|
||||||
|
|
||||||
|
# This preserves proxy settings from user environments of root
|
||||||
|
# equivalent users (group sudo)
|
||||||
|
#Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy"
|
||||||
|
|
||||||
|
# This allows running arbitrary commands, but so does ALL, and it means
|
||||||
|
# different sudoers have their choice of editor respected.
|
||||||
|
#Defaults:%sudo env_keep += "EDITOR"
|
||||||
|
|
||||||
|
# Completely harmless preservation of a user preference.
|
||||||
|
#Defaults:%sudo env_keep += "GREP_COLOR"
|
||||||
|
|
||||||
|
# While you shouldn't normally run git as root, you need to with etckeeper
|
||||||
|
#Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*"
|
||||||
|
|
||||||
|
# Per-user preferences; root won't have sensible values for them.
|
||||||
|
#Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME"
|
||||||
|
|
||||||
|
# "sudo scp" or "sudo rsync" should be able to use your SSH agent.
|
||||||
|
#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK"
|
||||||
|
|
||||||
|
# User privilege specification
|
||||||
|
root ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# Allow members of group sudo to execute any command
|
||||||
|
# %sudo ALL=(ALL:ALL) ALL
|
||||||
|
|
||||||
|
# passwordless sudo for sudo group
|
||||||
|
%sudo ALL = (ALL) NOPASSWD: ALL
|
||||||
|
|
||||||
|
# See sudoers(5) for more information on "@include" directives:
|
||||||
|
@includedir /etc/sudoers.d
|
||||||
Reference in New Issue
Block a user