Considering how getting this wrong is extremely dangerous, I feel it deserves an explicit answer. There are many other answers concerning the use of ALL in sudoers, but they do not directly answer this question:
Does ALL refer to users in a group ; Does ALL refer to access to Cmnd_Alias[es] ; OR Can it refer to either and both depending on where it is located in the line?
For instance:
a group like REGULARUSER ALL=(ALL) NOPASSWD: SHUTDOWN
would mean ALL
users in group REGULARUSER
have access privleges to Cmnd_Alias
SHUTDOWN
.
In other words the syntax is: Group \ Users \ Command Permission Specifications.
Is this correct?
So that means I can use ALL
in instances like root to grant all privileges to all users in the group, hence the ALL=(ALL:ALL) ALL of user group root
Some other questions about the use of ALL
"ALL ALL=(ALL) NOPASSWD:ALL" was auto added in my /etc/sudoers file. Is this a Security Breach?