Views:
704β
Votes: 1β
β
Solution
Tag :
visudo
Link:
π See Original Answer on Ask Ubuntu β§ π
URL:
https://askubuntu.com/q/1195402
Title:
What should /etc/sudoers contain normally?
ID:
/2019/12/11/What-should-_etc_sudoers-contain-normally_
Created:
December 11, 2019
Edited: December 11, 2019
Upload:
September 15, 2024
Layout: post
TOC:
false
Navigation: false
Copy to clipboard: false
Hereβs what I change on new installations:
$ sudo cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset, timestamp_timeout=120, pwfeedback
#Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
Defaults:rick !secure_path
(... SNIP rest of file unchanged ...)
I put my changes at the top of the file. They are displayed in bold above:
timeoutmakes sudo privalege last for 2 hours so I donβt have retype password every 5 minutes or whatever the default is.pwfeedbackplaces a*on screen with each key press during password input.mail_badpassstops an email being sent to my account each time I enter the sudo password incorrectly.!secure_pathis explained here: Can I makesudofollow my path via CLI?