Security pattern on MacOs / Add user to Sudoers
I found good setup for your MacOs laptop, which can prevent installing any software to your computer automatically.
First we need to create our daily user without admin permissions. But also we need to keep the user with admin permissions in our system.
So let's do it inside our "users and groups" section.
Later we use our user without admin permissions for all actions on our device. But If we need to install new applicaiton, we will be asked for admin and password of our admin user.
It will prevent installation of any software on the computer without our confirmation.
Sudoers or sudo problem
As soon as we are developers, we need to use sudo command to do some actions with administrator privileges. The problem will appear when we will run sudo from the terminal using non-admin account.
For resolving this problem we need to change our sudoers file from admin account. So let's login into our admin account and run the command
Dmytro-Macbook:~ simpleuser$ sudo cat /private/etc/sudoers
Password:
simpleuser is not in the sudoers file. This incident will be reported.
It will open the file which looks like this
##
# Cmnd alias specification
##
# Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
##
# User specification
##
# root and users in group wheel can run anything on any machine as any user
root ALL = (ALL) ALL
######################### here we need to add our non-admin user name
## Read drop-in files from /private/etc/sudoers.dLet's add our new user to sudoers
simpleuser ALL = (ALL) ALLThis setup will make your daily laptop using much safer. 😉
Photo: Roth Melinda unsplash
