How to enable non sudo user access to top with all processes?

Question

I use Ubuntu Server 10.04. I have users that normally don't have access to sudo. When this user is using top command he sees only processes for the current user. I added a line to /etc/sudoers:

user ALL = NOPASSWD: /usr/bin/top

But now we have access not only for a list of system processes, but also for killing them, which is not desired.

Is there any other way of doing this?

score 7 · Accepted Answer · answered Mar 29 '11 at 10:52

7

You can allow the user to run only "top -s" this is secure mode and disables the ability to kill stuff.

user ALL = NOPASSWD: /usr/bin/top -s

answered Mar 29 '11 at 10:52

Frands Hansen

4,657
1
17
29

score 2 · Answer 2 · answered Mar 29 '11 at 10:53

2

Normally top will display all processes on the system. That your top is not doing so suggests that something has been done to restrict it - there are kernel patches that add this functionality. You need to find out what has been added to your system.

answered Mar 29 '11 at 10:53

user9517

115,471
20
215
297

score 1 · Answer 3 · answered Mar 29 '11 at 10:13

1

bofh ALL=(root) NOPASSWD: /usr/bin/top

works fine for me, i can sudo top only; maybe you have other sudo rules that helps you killing procs as well?

if you're talking about the right to kill a process with top well that's normal; top uses kill() internally to terminate the process requested; once you execute top as root you'll also make the syscalls involved as root user

answered Mar 29 '11 at 10:13

user237419

1,653
8
8

1

I think the OP knows this and wants to avoid doing so. – user9517 Mar 29 '11 at 10:40
yup, i know that you can kill processes from top :) using your command user can still kill processes this way, right? – trylik Mar 29 '11 at 11:38
yep :) I also upvoted fbh – user237419 Mar 29 '11 at 11:41

How to enable non sudo user access to top with all processes?

3 Answers3