Privileges

====================================================================================

Privileges

====================================================================================

For users to have escalated privilege on a server (root access), they need to be granted this permission.

sudo

Users will sudo access have full administrator permissions, this means that they can essentially perform any task on the system.

/etc/sudoers

the /etc/sudoers file should always be edited with the visudo command, this is so that permissions aren't broken when manually editing.

visudo

flags:

-c: check for errors

-s: strict mode

------------------------------------------------------------------------------------------------------------------------------------------------

Wheel

The alternative to adding users to the sudoers file, is to add users to the Wheel group. The Wheel group is essentially an exclusion that can be added for users to allow access to certain roles.

By default, any users in the wheel group have full privileges on the server.

An example of how this could be utilised, would be to add a rule into the /etc/wheel file that specifies a group that can be used to perform a specific task. Users that need this privilege could then be added to this file.