Skip to main content
Question

Blocking sudo access


mykool
Forum|alt.badge.img+10

We are currently trying to allow user's to be admin's but blocking off certain access to the OS. Is there a way to block sudo access for an admin account? Most of our users don't need to access the terminal, so I can block it completely if I have to, but would like to just dumb down their access.

3 replies

Forum|alt.badge.img+11
  • Contributor
  • 31 replies
  • January 21, 2021

Have you considered using the Restricted Software feature to restrict Terminal commands or the entire Terminal app


Forum|alt.badge.img+9
  • New Contributor
  • 140 replies
  • January 21, 2021

You could modify /etc/sudoers. I'm not sure if any recent versions of macOS changed our ability to edit that file or if it's SIP protected, but back in the old days I used to push out a modified version of that.


Forum|alt.badge.img+12
  • Valued Contributor
  • 191 replies
  • January 21, 2021

Maybe a better approach would be to only allow admin access when requested? Jamf had made a scrip to do that https://github.com/jamf/MakeMeAnAdmin


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings