appear at the top of the file. Each
appear at the top of the file. Each alias entry has a label saying what sort of alias it is, a label for the alias, and a list of the members of that alias. User Aliases User aliases are groups of users and are labeled with the string User_Alias. They contain a list of users that are in that alias. User_Alias DNSADMINS = chris,mwlucas The user alias DNSADMINS contains two users, mwlucas and chris. Run as Aliases A “run as” alias is a special type of user alias. This lists users that other users can run commands as. We earlier mentioned that the nameserver could be run as the user “named.” The DNS administrator would need to be able to run commands as that user, and you might have a run as alias for that. Many database applications require their own user, and run as that user. In many cases, a system administrator responsible for an application would also want to be able to run system backups as the user “operator”. A run as alias allows you to do exactly that; one user can execute commands as another user, as specified by the sudo rules. These usernames could be listed in parentheses in front of the command, as described in “Running Commands as Non-root Users.” Or, you could just create a single run as alias to group these commands. Run as aliases are labeled with Runas_Alias. Runas_Alias APPADMIN = dbuser,operator Host Aliases A host alias is just a list of hosts. It’s labeled with the string Host_Alias. A host alias can be defined in terms of host names, IP addresses, or network blocks. Remember, if you’re using host names your sudo configuration could be vulnerable to DNS problems! Here are examples of all three: Host_Alias DNSSERVERS = dns1,dns2,dns3 Host_Alias SECURITYSERVERS = 192.168.1.254,192.168.113.254 Host_Alias COMPANYNETWORK = 192.168.1.0/16 Command Aliases A command alias is a list of commands. They’re labeled with the string Cmnd_Alias. Here, we have an alias that includes all the commands necessary to back up or restore the system to or from tape. Cmnd_AliasBACKUPS = /bin/mt,/sbin/restore,/sbin/dump You might have a command alias that includes all the commands in a particular directory. Suppose we have a custom application that runs as a particular user and places all of its commands in the app user’s home directory. Rather than list all the commands, you can just list a directory and use a wildcard to include everything in the directory. Cmnd_AliasDBCOMMANDS = /usr/home/dbuser/bin/* Long Lines Every entry in /etc/sudoers must be on a single line. This can make the lines very long. If you have a long list of alias members or rules, you can skip to another line by using the character at the end of each incomplete line. Cmnd_Alias SHELLS = /bin/sh, /bin/csh, /usr/local/bin/ksh, Page 153
Hint: If you are looking for very good and affordable webspace to host and run your tomcat hosting application check Virtualwebstudio tomcat web hosting provider