Difference in /etc/sudoers file

rhel7
sudo

#1

Hi All,
In my project have 2000 Redhat 7.4 servers , i see difference in /etc/sudoers file across all servers.
In some server i seeing this entry “Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
and some i see this “Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin

question is how does this changes happen & which module manage this entry?

How to bring them at the same level?


#2

It might be from older installation or created by other sysadmins. If I were you, I will leave it as it is. Is anything broken? If not do not go and fix unwanted issues.


#3

I am also seeing this entry in new installation servers. actually i am not able execute docker-compose commands which exist under /usr/local/bin.

is it possible to update “secure_path” entry through any command ?


#4

Add sudo job for docker-compose command. For example, all tom user to run following three commands. Start editing by typing as root user:

visudo

Now add entry for tom:

tom  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /cdrom

For example:

raj  ALL=/usr/local/bin/docker-compose 

Here is what I would set for /usr/local/bin but make sure user is either part of wheel or whatever group used for sysadmin tasks:

Defaults    secure_path = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin