the file which controls who gets to sudo to whom.
# sudoers file. # # This file MUST be edited with the 'visudo' command as root. # # See the sudoers man page for the details on how to write a sudoers file. # # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL # Samples # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom # %users localhost=/sbin/shutdown -h now rsyncuser ALL = NOPASSWD: /usr/local/bin/rsync qmaild ALL=(vpopmail) NOPASSWD: /usr/local/bin/maildir
The last two lines in the above sample file allow user rsyncuser to run rsync as root - so that he can use rsync over ssh to access anywhere in the filesystem he needs to - and to allow the qmaild uid to run the maildir delivery agent as vpopmail, so that a qmail-queue wrapper can safely deliver quarantined copies of things to a vpopmail-accessible maildir.