Suppose root user created a user say user1, and made entries in /etc/sudoers file for "user1" as "user1 ALL=(ALL) ALL". How can user1 check that he has privileges identical to root user ? Does it require to create a shell script for it ?
Asked
Active
Viewed 6,721 times
0
-
Have a look at this - http://superuser.com/questions/553932/how-to-check-if-i-have-sudo-access – Lawrence Nov 18 '13 at 11:57
1 Answers
2
A user can see what he is allowed to run using sudo by running sudo -ll. No script is required. Below is an example:
$ sudo -ll
Matching Defaults entries for user1 on this host:
env_reset, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User user1 may run the following commands on this host:
Sudoers entry:
RunAsUsers: ALL
RunAsGroups: ALL
Commands:
ALL
To check if a certain command is allowed you can use sudo -l command. If the command is allowed the full path will be printed.
$ sudo -l ls
/bin/ls
To see what a different user is allowed to do you can add the option -U username.
pabouk - Ukraine stay strong
- 6,568
- 5
- 40
- 52
-
-
@Braiam: Yes, of course. It would be a security hazard to reveal such a sensitive information without authenticating the user. ...but if you allow the user to use `sudo` without a password (using the `NOPASSWD:` directive) then `sudo -ll` will not ask for a password. – pabouk - Ukraine stay strong Nov 18 '13 at 13:49