Welcome to the Linux Foundation Forum!

LF201 - Lab 1.1 - sudoers

Hello,
I'm beginning the course right now.
Sorry for the naivete of my questions.

I just read the paper Lab 1.1.

On my Debian 10, in order to add the user to sudoers group, I just used to type the command:

´usermod -aG sudo myUser`

This works because in Debian10 there is already a 'sudo' group in /etc/group.

Which approach is better?
the ´/ect/sudoers.d/myUSer` approach either the 'add to group' approach?

Thank you in advance for your answers.

Comments

  • serewicz
    serewicz Posts: 1,000

    Hello,
    Adding the user to the sudo group gives them access to run what is declared in the /etc/sudoerr.d/ files. If you look at the file, myUSer for example, it may have a line which looks like this: sudo ALL=(ALL:ALL) ALL , which determines what the members of sudo group can do using the sudo command.

    Regards,

  • saintex
    saintex Posts: 13
    edited July 2020

    Hello serewicz,
    thank you for your answer, that suggested me the solution.
    In fact there is not a /etc/sudoers.d/myUSer file, but if I read the content of /etc/sudoers I read:

    # Allow members of group sudo to execute any command
    %sudo ALL=(ALL:ALL) ALL

    So, as you say,
    usermod -aG sudo myUser
    enable the option for myUser expressed in /etc/sudoers

    Thank you for your suggestion!

Categories

Upcoming Training