How could I list all super users?
I want a command to list all users who have root privileges, i.e. sudo?
Suppose I'm a sudoer user. How could I know all other sudoer users?
command-line sudo
edited May 14 '15 at 5:24 by TechJhola
asked Apr 20 '15 at 10:57 by Maythux

Here is the answer: unix.stackexchange.com/a/140974/107084
– A.B. Apr 20 '15 at 11:00

I find this one nice unix.stackexchange.com/questions/50785/…
– JoKeR Apr 20 '15 at 11:31

@JoKeR nice and tricky
– Maythux Apr 20 '15 at 11:33

Note that only Joker and muru's answers are correct, only parsing user/group conf files does not give you who has the sudo permission and who has not....if a user is in sudo group but the sudoers file has nothing mentioned for sudo group, then?
– heemayl Apr 20 '15 at 16:32

This command returns a list of users with sudo rights:
awk -F ":" '{ system("groups " $1 " | grep -P \"[[:space:]]sudo([[:space:]]|$)\"") }' /etc/passwd
Output is (e.g.):
<username> : <username> adm cdrom sudo dip plugdev lpadmin sambashare docker
If only the user name is to be displayed, then use this command:
awk -F ":" '{ system("groups " $1 " | grep -P \"[[:space:]]sudo([[:space:]]|$)\"") }' /etc/passwd | awk -F ":" '{ print $1 }'

it shows more users than the sudoers. It needs some modifications
– Maythux Apr 20 '15 at 11:12

@NewUSer Is that better?
– A.B. Apr 20 '15 at 11:24

Much better. Gd work
– Maythux Apr 20 '15 at 11:26

On most Unix-like systems that have the sudo command and a sudo configuration file, running visudo as root:
:~$ sudo bash
or
:~$ su
:~# visudo
will allow an administrator to inspect and amend the privileges of groups that can use the sudo command.
On Debian based Unix-like systems, like Ubuntu, the groups 4 and 27 generally have access rights to the sudo privileges.
Group 4 is the administrator group (adm) and group 27 is the sudo gid.
To see what users are currently assigned to these groups cat the /etc/group file as shown below:
:~$ cat /etc/group
A sample output, on Ubuntu (but not Redhat based, Oracle Solaris/Solaris based, or BSD based systems) would yield this:
adm:x:4:youruser
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:youruser,mybrother
floppy:x:25:
tape:x:26:
sudo:x:27:youruser,mybrother
As we can tell, youruser is the administrator of the system, and a member of group 4 (adm). But youruser and mybrother are both members of group 27, which is the gid (group identification) number of group sudo. So mybrother can also attain root privileges (super user).
Many Linux systems, like Fedora and Slackware, incorporate the wheel group, gid=10, which allows administrator privileges when the sudo command is applied. On BSD based systems (e.g. FreeBSD), the root user is a member of the wheel group, which is gid 0.
Also by using the id command any user can find the group information of another known user to the system.
For Example:
:~$ id mybrother
Sample output
uid=1001(mybrother) gid=1001(mybrother) groups=1001(mybrother),24(cdrom),27(sudo),30(dip),46(plugdev),108(lpadmin),124(sambashare)

Command -
cat /etc/group | grep sudo
Output -
sudo:x:27:Tom,Stacy
Tom,Stacy are the users with sudo privileges

Tom,Stacy are the users with sudo privileges
– XYZ Jan 11 at 6:10

Welcome to Ask Ubuntu! Just to let you know, this is a useless use of cat.
– David Foerster Jan 11 at 8:37

If you just need to list the sudoers listed in the sudo group, I think that the best way to do it would be to run this command (which should be computationally lighter than any of the other commands in this answer):
grep -Po '^sudo.+:\K.*$' /etc/group
Also as suggested in the comments by muru, the format of the entries in /etc/group can be easily handled by cut:
grep '^sudo:.*$' /etc/group | cut -d: -f4
Also again as suggested in the comments by muru, one can use getent in place of grep:
getent group sudo | cut -d: -f4
Any of these commands will print all the users listed in the sudo group in /etc/group (if any).

Command #1 breakdown:
- grep: prints all the lines matching a regex in a file
- -P: makes grep match Perl-style regexes
- -o: makes grep print only the matched string
- '^sudo.+:\K.*$': makes grep match the regex between the quotes

Regex #1 breakdown:
- Any character or group of characters not listed matches the character or the group of characters itself
- ^: start of line
- .+: one or more characters
- \K: discard the previous match
- .*: zero or more characters
- $: end of line

Command #2 breakdown:
- grep: prints all the lines matching a regex in a file
- '^sudo:.*$': makes grep match the regex between the quotes
- cut: prints only a specified section of each line in a file
- -d:: makes cut interpret : as a field delimiter
- -f4: makes cut print only the fourth field

Regex #2 breakdown:
- Any character or group of characters not listed matches the character or the group of characters itself
- ^: start of line
- .*: zero or more characters
- $: end of line
edited Apr 20 '15 at 14:55
answered Apr 20 '15 at 11:57 by kos

-1: this won't catch other users or groups who may have been added to sudoers, or external sources like LDAP, and boy is it an ugly way to do this. getent group sudo | cut -d: -f4, or use awk, but either way remember that group and passwd have fixed formats, with delimiters.
– muru Apr 20 '15 at 13:06

@muru You're right, I updated my answer
– kos Apr 20 '15 at 13:47

@kos Also note that you really should use getent group - you don't need the grep at all. getent group foo is like grep foo /etc/group, but more capable.
– muru Apr 20 '15 at 13:51

@muru I didn't know getent at all, any thought on how grep and getent compare computationally? Would it be lighter to run getent?
– kos Apr 20 '15 at 14:02

This answer assumes that all sudoers are members of the sudo group. Some unixes have other groups such as wheel. The answer by @muru will include all sudoers no matter what groups they are in.
– Simon Woodside Mar 14 '17 at 6:17

As stated here, I consider the simplest way to discover this is with the -l and -U options together. Just type users; it will list e.g. John. Then:
If the user has sudo access, it will print the level of sudo access for that particular user:
sudo -l -U John
User John may run the following commands on this host:
    (ALL : ALL) ALL
If the user doesn't have sudo access, it will print that a user is not allowed to run sudo on localhost:
sudo -l -U John
User John is not allowed to run sudo on localhost.
edited Apr 13 '17 at 12:37 by Community♦
answered Apr 20 '15 at 11:40 by JoKeR

You could loop through all the normal users and return the details on them using something like:
for u in $(awk -F'[/:]' '{if($3>=1000&&$3!=65534) print $1}' /etc/passwd); do sudo -lU "$u" ; done
. quick hack nothing guaranteed :)
– Wilf Jun 8 '15 at 20:09

This also works in an active directory setup. For instance you can pick a user from some special group and check on the user. If you added the AD group correctly, something like
"%domain admins@mycompany.intra" ALL=(ALL) ALL
then it works. You saved me a lot of time, because I was unaware this works for non-local users as well.
– AdamKalisz May 26 '17 at 10:11

As it has already been stated, the answer can be found on Unix & Linux Stack Exchange:
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
The only difference is that the group in Ubuntu is not wheel, but sudo (or admin in older versions of Ubuntu). So the command becomes:
getent group sudo
edited Apr 13 '17 at 12:37 by Community♦
answered Apr 20 '15 at 11:02 by Andrea Corbellini

Expanding on the sudo -l -U test, one can use getent passwd to determine the users who can use sudo. Using getent allows us to access users who may not be present in the passwd file, such as LDAP users:
getent passwd | cut -f1 -d: | sudo xargs -L1 sudo -l -U | grep -v 'not allowed'
sudo -U does not return a non-zero exit value that we could take advantage of, so we are reduced to grepping the output.
answered Apr 20 '15 at 13:26
muru
This is the best answer because it doesn't assume that there is a group called sudo.
– Simon Woodside
Mar 14 '17 at 6:15
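An added example, not part of muru's answer: the pipeline above leaves the multi-line sudo -l -U output to be read by eye, and this sketch reduces such output to one line per permitted user, marking unrestricted and password-less rules. The function names and the sample text are constructed, and the parsing assumes sudo's English (C locale) messages.

```shell
#!/bin/sh
# Constructed sample of concatenated `sudo -l -U <user>` output (C locale),
# as produced by: getent passwd | cut -f1 -d: | sudo xargs -L1 sudo -l -U
sample_sudo_l() {
cat <<'EOF'
Matching Defaults entries for alice on host1:
    env_reset, mail_badpass

User alice may run the following commands on host1:
    (ALL : ALL) ALL
User bob is not allowed to run sudo on host1.
Matching Defaults entries for carol on host1:
    env_reset, mail_badpass

User carol may run the following commands on host1:
    (root) NOPASSWD: /usr/bin/systemctl restart nginx
EOF
}

# summarize_sudo_l: read that output on stdin and print one line per user
# who holds at least one rule: "<user> <full|limited> <nopasswd|passwd>".
summarize_sudo_l() {
    awk '
        function emit() {
            if (user != "")
                printf "%s %s %s\n", user, (full ? "full" : "limited"), (nopw ? "nopasswd" : "passwd")
            user = ""
        }
        /^User .* may run the following commands/ { emit(); user = $2; full = 0; nopw = 0; next }
        /^User .* is not allowed to run sudo/     { emit(); next }
        /^Matching Defaults entries/              { emit(); next }
        user != "" && /^[ \t]+\(/ {
            rule = $0
            if (rule ~ /NOPASSWD:/) nopw = 1
            sub(/^[ \t]+/, "", rule)                # indentation
            sub(/^\([^)]*\)[ \t]*/, "", rule)       # runas spec, e.g. "(ALL : ALL)"
            while (match(rule, /^[A-Z_]+:[ \t]*/))  # tags such as NOPASSWD:
                rule = substr(rule, RLENGTH + 1)
            if (rule == "ALL") full = 1             # unrestricted command list
        }
        END { emit() }
    '
}

sample_sudo_l | summarize_sudo_l
```

Users that sudo reports as "not allowed" produce no line, so the result is the same set the grep -v filter keeps, without the Defaults noise.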
This command returns a list of users with sudo rights:
awk -F ":" '{ system("groups " $1 " | grep -P \"[[:space:]]sudo([[:space:]]|$)\"") }' /etc/passwd
Output is (e.g.):
<username> : <username> adm cdrom sudo dip plugdev lpadmin sambashare docker
If only the user name is to be displayed, then use this command:
awk -F ":" '{ system("groups " $1 " | grep -P \"[[:space:]]sudo([[:space:]]|$)\"") }' /etc/passwd | awk -F ":" '{ print $1 }'
edited Apr 20 '15 at 13:08
muru
answered Apr 20 '15 at 11:12
A.B.
It shows more users than the sudoers. It needs some modifications
– Maythux
Apr 20 '15 at 11:12
@NewUSer Is that better?
– A.B.
Apr 20 '15 at 11:24
Much better. Gd work
– Maythux
Apr 20 '15 at 11:26
On most Unix-like systems that have the sudo command and a sudo configuration file, running visudo as root:
:~$ sudo bash
or
:~$ su
:~# visudo
will allow an administrator to inspect and amend the privileges of groups that can use the sudo command.
On Debian based Unix-like systems, like Ubuntu, the groups 4 and 27 generally have access rights to the sudo privileges.
Group 4 is the administrator group (adm) and group 27 is the sudo gid.
To see what users are currently assigned to these groups cat the /etc/group file as shown below:
:~$ cat /etc/group
A sample output, on Ubuntu (but not Redhat based, Oracle Solaris/Solaris based, or BSD based systems) would yield this:
adm:x:4:youruser
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:youruser,mybrother
floppy:x:25:
tape:x:26:
sudo:x:27:youruser,mybrother
As we can tell, youruser is the administrator of the system, and member of group 4 (adm). But youruser and mybrother are both members of group 27, which is the gid (group identification) number of group sudo. So mybrother can also attain root privileges (super user).
Many Linux systems like Fedora and Slackware incorporate the wheel group (gid=10), which allows administrator privileges when the sudo command is applied. On BSD based systems (e.g. FreeBSD), the root user is a member of the wheel group which is gid 0.
Also by using the id command any user can find the group information of another known user to the system.
For example:
:~$ id mybrother
Sample output
uid=1001(mybrother) gid=1001(mybrother) groups=1001(mybrother),24(cdrom),27(sudo),30(dip),46(plugdev),108(lpadmin),124(sambashare)
edited Jun 8 '15 at 22:00
answered Jun 8 '15 at 20:13
oOpSgEo
Command -
cat /etc/group | grep sudo
Output -
sudo:x:27:Tom,Stacy
Tom,Stacy are the users with sudo privileges
edited Jan 11 at 8:35
tinlyx
answered Jan 11 at 6:09
XYZ
Tom,Stacy are the users with sudo privileges
– XYZ
Jan 11 at 6:10
Welcome to Ask Ubuntu! Just to let you know, this is a useless use of cat.
– David Foerster
Jan 11 at 8:37
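An added example, not taken from any of the answers: the group-file answers above list who is in sudo, admin or wheel, while the comment on the question points out that membership only matters if sudoers has a rule for that group. This sketch joins the two; the function names and both sample files are constructed, and it reads only plain user and %group rules.

```shell
#!/bin/sh
# effective_sudoers GROUP_FILE SUDOERS_FILE
# Print "<user> via <subject>" for each user that a sudoers rule names directly
# or reaches through %group, using the member lists in GROUP_FILE.
# Not handled (assumptions of this sketch): aliases, included files,
# quoted names with spaces, and membership through a primary gid in passwd.
effective_sudoers() {
    awk '
        FNR == NR {                         # first file: name:passwd:gid:members
            split($0, f, ":"); members[f[1]] = f[4]; next
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # comments, #include lines, blanks
        /^[ \t]*(Defaults|[A-Za-z]+_Alias)/ { next }
        $0 !~ /=/ { next }                  # keep only "who host=(runas) cmds"
        $1 ~ /^%/ {
            n = split(members[substr($1, 2)], u, ",")
            for (i = 1; i <= n; i++)
                if (u[i] != "") print u[i], "via", $1
            next
        }
        { print $1, "via user rule" }
    ' "$1" "$2" | LC_ALL=C sort -u
}

# Constructed sample data: the group lines echo the samples quoted on this page,
# the sudoers lines are invented for the example.
demo_effective_sudoers() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/group" <<'EOF'
adm:x:4:youruser
wheel:x:10:saml
cdrom:x:24:youruser,mybrother
sudo:x:27:youruser,mybrother
EOF
    cat > "$dir/sudoers" <<'EOF'
Defaults env_reset
root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) ALL
# %wheel ALL=(ALL) ALL
EOF
    effective_sudoers "$dir/group" "$dir/sudoers"
    rm -rf "$dir"
}

demo_effective_sudoers
```

In the sample, saml is in wheel and youruser is in adm, yet neither group has an active rule, so only the %sudo members and root are reported. On a live system sudo -l -U remains the authoritative check, since it also resolves aliases and included files.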