SUDO LAB

      Install Sudo package:
        pkgadd -d /sc300/sudo-1.6.7p3-sol9-sparc-local   (say Y)
        man sudo

      Modify the configuration file:
        visudo

          Defaults syslog=auth

          # Host alias specification
          Host_Alias WORKSTATIONS=YourHostname,jupiter,neptune
          
          # User alias specification
          User_Alias ADMINS=alice,bob
          User_Alias CONTRACTORS=fred,barney
          
          # Cmnd alias specification
          Cmnd_Alias NETWORK=/usr/bin/netstat,/usr/sbin/ifconfig
          Cmnd_Alias CHGUSER=/usr/sbin/useradd,/usr/sbin/usermod
          
          # User privilege specification
          root         ALL=(ALL) ALL
          fred         WORKSTATIONS=/usr/bin/ls
          ADMINS       WORKSTATIONS=NOPASSWD:NETWORK
          CONTRACTORS  WORKSTATIONS=CHGUSER

      Update the Syslog configuration file:
        vi /etc/syslog.conf
          Add this line (use only tabs, no spaces)
          auth.info          /var/adm/sc300log 

        touch /var/adm/sc300log
        pkill -HUP syslogd
        tail -f /var/adm/sc300log     (do this while testing Sudo)

      Test Sudo:

        chmod 700 /usr/sbin/ifconfig
        chmod 700 /usr/bin/netstat

        In another window:
          telnet localhost
          Login as various users and try some commands.

          PATH=$PATH:/usr/local/bin:/usr/sbin
          sudo ifconfig -a
               Alice:  works
               Fred:   not allowed to execute as root
          sudo ls -l /lost+found
               Fred:   works
               Alice:  not allowed to execute as root
          sudo useradd -u3333 -g10 -m -d/export/home/greg -c "Greg" greg
               Alice:  not allowed to execute as root
               Barney: works