Sudo: List available commands

Sudo is the Unix/Linux standard for providing users with the ability to run commands as another user. However when working with large teams sometimes its difficult to identify which user has what access, below is a command that makes it easy to see what is available for a user.

Example:

[[email protected] ~]$ sudo -l  

User sudoguy may run the following commands on this host:  
 (root) /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall, (root) /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool, (root)  
 /bin/rpm, /usr/bin/up2date, /usr/bin/yum, (root) NOPASSWD: ALL

The cool thing about this is you can also do this as root without switching to the user.

[[email protected] ~]# sudo -lU sudoguy  

User sudoguy may run the following commands on this host:  
 (ALL) NOPASSWD: ALL  
 (root) /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall, (root) /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool, (root)  
 /bin/rpm, /usr/bin/up2date, /usr/bin/yum, (root) NOPASSWD: ALL  

About Benjamin

Benjamin is a Infrastructure and Software Engineer. On this blog he writes about Linux, Docker, Programming as well as other Systems topics.

Learn more about Linux

If you liked this article, check out Benjamin's book: Red Hat Enterprise Linux Troubleshooting Guide. Where you can learn a lot more about troubleshooting Linux systems. This book is filled with tips and techniques he has learned over years of managing mission critical systems.

Related