Add sudo management in main and utils

* perform readonly checks as a regular user * sudo -n is used for checks requiring root privileges * increase accountability by providing log of individual access to sensitive files
2025-06-23 19:14:34 +02:00 · 2017-11-09 15:45:42 +01:00
parent a3937b3183
commit b1f85d3f99
30 changed files with 187 additions and 53 deletions
--- a/README.md
+++ b/README.md
@ -80,6 +80,11 @@ configuration. It will run all scripts in audit mode. If a script passes,
 it will automatically be enabled for future runs. Do NOT use this option
 if you have already started to customize your configuration.

+``--sudo``: Audit your system as a normal user, but allow sudo escalation to read
+specific root read-only files. You need to provide a sudoers file in /etc/sudoers.d/
+with NOPASWD option, since checks are executed with ``sudo -n`` option, that will
+not prompt for a password.
+
 ## Hacking

 **Getting the source**