Ll List / List Allowed Forbidden Commands
List Allowed Forbidden Commands
View the list of commands a user can or cannot execute via sudo.
sudo -llsudo -ll#!/bin/bash
# List Allowed Forbidden Commands
sudo {{[-ll|--list --list]}}import subprocess
# List Allowed Forbidden Commands
# Make sure to replace <placeholders> with actual values
def run_command():
cmd = [
"ll---list",
"{{[-ll|--list",
"--list]}}"
]
try:
print(f"Executing: {' '.join(cmd)}")
subprocess.run(cmd, check=True)
except subprocess.CalledProcessError as e:
print(f"Error: {e}")
except FileNotFoundError:
print("Error: ll---list not found. Please install it first.")
if __name__ == "__main__":
run_command()When To Use
During access control audits or compliance checks to ensure appropriate permissions are set.
Pro Tip
Use `sudo -l -U user` to specify a particular user for checking permissions.
Anatomy of Output
Understanding the result
Matching Defaults for user: !visiblepw Default Setting Indicates specific restrictions applied to user.
(ALL) ALL Permitted Commands Indicates user can execute any command as any user.
(ALL) NOPASSWD: /usr/bin/systemctl restart service Command Allowed without Password Enumerates command that can be executed without needing a password.
Troubleshooting
Common pitfalls
sudo: unknown user: nonexistent
Solution: Check username before verifying sudo permissions.
sudo: unable to parse configuration file
Solution: Inspect `/etc/sudoers` for syntax errors.
sudo: Command not found
Solution: Ensure sudo is correctly installed and configured.
Command Breakdown
What each part is doing
-
sudo - Base Command
- The executable that performs this operation. Here it runs Ll List before the shell applies any redirect operators.
-
-ll - ll| list list
- The value supplied for ll| list list.
-
-ll - Command Option
- Tool-specific option used by this command invocation.
Alternative Approaches
Comparable commands in other tools
Alternative system operations tools for the same job.