Hi,
I wanted add a group to the sudoers file so they can run sudo
commands and blocked su
command but it seems they can just run sudo -i
to switch to root which defeats my purpose.
Is it possible to block sudo -i
with the help of sudoers
file or any other way.
Please advise.
The below doesn't seem to work
Cmnd_Alias NSU = /bin/su
Cmnd_Alias NVSU = /usr/bin/sudo -i *
%support-group ALL=(ALL) ALL, !NVSU, !NSU
---------- Post updated at 11:07 AM ---------- Previous update was at 11:00 AM ----------
Or Even better if any user tries to switch to root always ask for root password, is that achievable?