===== Sudoers =====

==== Configuration ====

In "/etc/sudoers"
<code>
#allow user "user1" to become root via "sudo su -"
user1 ALL=(ALL) NOPASSWD: ALL

#allow user "nagios" to execute the script "check_fail2ban" with root privileges
nagios        ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/check_fail2ban
</code>

==== Security ====

Be aware of which binarys you allow for specific users, some of them can be abused to get a rootshell.

[[https://gtfobins.github.io/|GTFOBins]]
\\
\\
~~DISCUSSION:closed~~