About configuration(s) for the /etc/sudoers
file with visudo
I have read the following tutorials (among others):
A very important part is the following structure:
user hostname=(runas-user:runas-group) command
I understand the following about users:
root ALL=(ALL:ALL) ALL
hope ALL=(ALL:ALL) ALL
What is not clear for me is about the %groups
. In the /etc/sudoers
file are shown the %admin
and %sudo
groups as follow:
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
About (ALL)
vs (ALL:ALL)
- When the former would be mandatory over the latter and viceversa?
- What type of commands should work with the former and latter respectively
So, it is not clear for me (even with the available comments for each one), therefore if I want create and a new group (i,e: developers
) I don't know if should be declared (ALL)
or (ALL:ALL)
.