Skip to main content
Question

Blocking sudo access

mykool
Forum|alt.badge.img+10

We are currently trying to allow user's to be admin's but blocking off certain access to the OS. Is there a way to block sudo access for an admin account? Most of our users don't need to access the terminal, so I can block it completely if I have to, but would like to just dumb down their access.

    3 replies

    D
    Forum|alt.badge.img+11
    • don_cochran
    • Contributor
    • 31 replies
    • January 21, 2021

    Have you considered using the Restricted Software feature to restrict Terminal commands or the entire Terminal app

    P
    Forum|alt.badge.img+9
    • patgmac
    • New Contributor
    • 140 replies
    • January 21, 2021

    You could modify /etc/sudoers. I'm not sure if any recent versions of macOS changed our ability to edit that file or if it's SIP protected, but back in the old days I used to push out a modified version of that.

    D
    Forum|alt.badge.img+12
    • Dylan_YYC
    • Valued Contributor
    • 191 replies
    • January 21, 2021

    Maybe a better approach would be to only allow admin access when requested? Jamf had made a scrip to do that https://github.com/jamf/MakeMeAnAdmin

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings