[Linux] Creating/Editing a sudoers file

Deliverables: sudoers file

1. Create a users alias called NET_TECH that contains the users alice, bob, chuck, and david.

2. Create a command alias called NET_CMD that contains the commands ping, nmap, tcpdump, ping, and scapy.

3. Allow the NET_TECH group to run the NET_CMD commands on all hosts.

4. Allow alice and chuck to run dd, fdisk, mount, and umount on the host called shredder.irv1.

5. Name this file level1 and place it in /etc/sudoers.d/.

Usually, you are required to edit the /etc/sudoers file using the visudo editor, which is the vi editor modified to check for syntax errors when saving a sudoers file, to prevent you from unintentionally breaking the system. (If there is an error reading the /etc/sudoers file, the file doesnt get read, and you will be locked out of any sudo priviledges written there.)

Since you are editing a new, add-on file of sudo privileges, theres no risk to the existing sudoers file, and you may use nano, or any other text editor, if you are uncomfortable with vi. Just make sure your new file works.

All commands referenced must be absolute paths. Failing to do so is a major security flaw. You can double-check the path to a command with which .

Here is what I tried inputting into my /etc/sudoers.d/level1 file, but it comes out with user defined errors and parse errors, can anyone help me figure this out?

Defaults Defaults Defaults :/sbin:/bin'" env reset mail badpass secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin # Host alias specification # User alias specification UserAlias NETTECH = alice, bob, chuck, david # Cmnd alias specification Cmnd-Alias NET-CMD=/bin/ping,/usr/binmap./usr/sbin/tcpdump,/usr/bi n/scapy # User privilege specification alice shredder.irvl-(ALL) /bin/dd, /sbin/fdisk, /bin/mount, /bin/umount chuck shredder.irvl-(ALL) /bin/dd, /sbin/fdisk, /bin/mount, /bin/umount root ALL-(ALL) ALL NET TECH # Allow members of group sudo to execute any command %sudo ALL=(ALL) ALL - - ALL-NET CMD #includedir/etc/sudoers . d Defaults Defaults Defaults :/sbin:/bin'" env reset mail badpass secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin # Host alias specification # User alias specification UserAlias NETTECH = alice, bob, chuck, david # Cmnd alias specification Cmnd-Alias NET-CMD=/bin/ping,/usr/binmap./usr/sbin/tcpdump,/usr/bi n/scapy # User privilege specification alice shredder.irvl-(ALL) /bin/dd, /sbin/fdisk, /bin/mount, /bin/umount chuck shredder.irvl-(ALL) /bin/dd, /sbin/fdisk, /bin/mount, /bin/umount root ALL-(ALL) ALL NET TECH # Allow members of group sudo to execute any command %sudo ALL=(ALL) ALL - - ALL-NET CMD #includedir/etc/sudoers . d