|
The wheel group is allowed to do everything by default.
We need a separate group to really confine users.
For example:
$ sudo ls
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for pashev:
Sorry, user pashev is not allowed to execute '/run/current-system/sw/bin/ls --color=tty' as root on vbox-manul.
|
