If a server has the following in /etc/sudoers:
Defaults targetpw
ALL ALL=(ALL) ALL
Then what does this mean? all the users can sudo to all the commands, only their password is needed?
Asked
Active
Viewed 7.1k times
28
1 Answers
28
From the sudoers(5) man page:
The sudoers policy plugin determines a user's sudo privileges.
For the targetpw:
sudo will prompt for the password of the user specified by the -u option (defaults to root) instead of the password of the invoking user when running a command or editing a file.
sudo(8) allows you to execute commands as someone else
So, basically it says that any user can run any command on any host as any user and yes, the user just has to authenticate, but with the password of the other user, in order to run anything.
The first ALL is the users allowed
The second one is the hosts
The third one is the user as you are running the command
The last one is the commands allowed
poz2k4444
- 415
-
Thanks! In the meantime I found the "Defaults targetpw" entry in sudoers.. updated the Q – LoukiosValentine79 May 07 '15 at 16:37
-
@LoukiosValentine79 I just update the answer, does that answer your question? – poz2k4444 May 07 '15 at 18:24
-
-
1
Ubuntu 20.04.1 LTSI saw like thisALL=(ALL:ALL) ALLtwoALLs together ` – Arun Feb 24 '21 at 10:58