Managing sudo Access

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this lab, we will look at how to manage access to `sudo`. We will strengthen `sudo` security by removing unnecessary default settings and configure `sudo` to always require a password. Then, we’ll permit specific user accounts to use `sudo`.

*This course is not approved or sponsored by Red Hat.*

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Disable the Use of the `wheel` Group in the `sudoers` File

Comment out the following line in the /etc/sudoers file:

%wheel  ALL=(ALL)       ALL 
Provide Full `sudo` Access to `cloud_user`, `pbeesly`, and `jhalpert`

Add the following lines to the /etc/sudoers file:

cloud_user  ALL=(ALL)       ALL
pbeesly     ALL=(ALL)       ALL
jhalpert    ALL=(ALL)       ALL
Configure `sudo` to Require a Password Each Time the `sudo` Command Is Used

To require a password each time sudo is used, add the following line to the /etc/sudoers file:

Defaults    timestamp_timeout=0

Additional Resources

We've been asked to make some changes to the sudoers file, as there have been some personnel changes in the IT department at our organization. The changes that need to be made are:

  1. Disable the use of the wheel group in the sudoers file using comments.

  2. Enable full sudo access for the following users:

    • cloud_user
    • pbeesly
    • jhalpert
  3. Ensure a password is required each time the sudo command is run.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?