diff options
| author | William Mantly <wmantly@gmail.com> | 2019-12-12 16:15:31 -0500 |
|---|---|---|
| committer | Brian May <brian@linuxpenguins.xyz> | 2019-12-13 08:15:31 +1100 |
| commit | 69d3f7dc64211d3ab91991cc90865dbf9edcba15 (patch) | |
| tree | 84d44cc4ea82bbc27fcbc70f3ecd0e6f3127d105 /docs/usage.rst | |
| parent | 6ad4473c87511bcafaec3d8d0c69dfcb166b48ed (diff) | |
Auto sudoers file (#269)
* added sudoers options to command line arguments
* added sudoers options to command line arguments
* template for sudoers file
* Added option for GUI sudo
* added support for GUI sudo
* script for auto adding sudo file
* sudoers auto add works and validates
* small change
* Clean up for CI
* removed code that belongs in another PR
* added path for package bins
* added sudoers bin
* added sudoers-add to setup file
* fixed issue with sudoers bash script
* auto sudoers now works
* added --sudoers-no-modify option
* bin now works with ./run
* removed debug print
* Updated sudoers-add script
* Fixed error passing sudoers config to script
* more dynamic building of sudoers file
* added option to specify sudoers.d file name
* fixed indent issue
* fixed indent issue
* indent issue
* clean up
* formating
* docs
* fix for flags
* Update usage.rst
* removed shell=true
* cleared CI errors
* cleared CI errors
* removed random
* cleared linter issue
* cleared linter issue
* cleared linter issue
* updated sudoers-add script
* safer temp file
* moved bin directory
* moved bin directory
* removed print
* fixed spacing issue
* sudoers commands must only containe upper case latters
Diffstat (limited to 'docs/usage.rst')
| -rw-r--r-- | docs/usage.rst | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/docs/usage.rst b/docs/usage.rst index d782a95..d1960c1 100644 --- a/docs/usage.rst +++ b/docs/usage.rst @@ -60,3 +60,46 @@ the data back and forth through ssh. Fun, right? A poor man's instant VPN, and you don't even have to have admin access on the server. +Sudoers File +------------ +sshuttle can auto-generate the proper sudoers.d file using the current user +for Linux and OSX. Doing this will allow sshuttle to run without asking for +the local sudo password and to give users who do not have sudo access +ability to run sshuttle. + + sshuttle --sudoers + +DO NOT run this command with sudo, it will ask for your sudo password when +it is needed. + +A costume user or group can be set with the : +option:`sshuttle --sudoers --sudoers-username {user_descriptor}` option. Valid +values for this vary based on how your system is configured. Values such as +usernames, groups pre-pended with `%` and sudoers user aliases will work. See +the sudoers manual for more information on valid user specif actions. +The options must be used with `--sudoers` + + sshuttle --sudoers --sudoers-user mike + sshuttle --sudoers --sudoers-user %sudo + +The name of the file to be added to sudoers.d can be configured as well. This +is mostly not necessary but can be useful for giving more than one user +access to sshuttle. The default is `sshuttle_auto` + + sshuttle --sudoer --sudoers-filename sshuttle_auto_mike + sshuttle --sudoer --sudoers-filename sshuttle_auto_tommy + +You can also see what configuration will be added to your system without +modifying anything. This can be helpfull is the auto feature does not work, or +you want more control. This option also works with `--sudoers-username`. +`--sudoers-filename` has no effect with this option. + + sshuttle --sudoers-no-modify + +This will simply sprint the generated configuration to STDOUT. Example + + 08:40 PM william$ sshuttle --sudoers-no-modify + + Cmnd_Alias SSHUTTLE304 = /usr/bin/env PYTHONPATH=/usr/local/lib/python2.7/dist-packages/sshuttle-0.78.5.dev30+gba5e6b5.d20180909-py2.7.egg /usr/bin/python /usr/local/bin/sshuttle --method auto --firewall + + william ALL=NOPASSWD: SSHUTTLE304 |