sudoers conf

This commit is contained in:
Andrea Blankenstijn 2022-06-04 13:17:43 +00:00
parent d873cbcc21
commit 1b16c79148
2 changed files with 12 additions and 0 deletions

View file

@ -67,3 +67,8 @@ Allow sshd to listen on the non-default TCP port 4242:
```bash
semanage port --add -t ssh_port_t -p tcp 4242
```
### sudo
Add the provided [sudoers policy file](rootfs/etc/sudoers.d/Born2beroot) in
`/etc/sudoers.d`.

View file

@ -0,0 +1,7 @@
Defaults log_input, log_output, requiretty
Defaults iolog_dir = /var/log/sudo/io/%{user}
Defaults iolog_file = %{runas_user}-%{command}-XXXXXX
Defaults logfile=/var/log/sudo/sudo.log
Defaults badpass_message = Nope...
%sudo ALL=(ALL) ALL