If you design properly the system, it’s possible. You’d give writing permissions to admin in specific directories, like /usr/local/ and/or /opt/.
But my advice is another: you can install user-only applications. It goes into the ~/.local/ directory, that must have a subdirectory tree similar to /usr/local/.
On macOS, Homebrew requires the
/opt/local/
directory (and down there) to be owned by your user, not root.On GNU/Linux, you can
sudo
to other users than root. Another user may have permissions over than yours.For instance, you can use an
admin
user with some extra permissions, but yet restricted. You runsudo -u admin
.If you need to switch to that user, you run
sudo -u admin -i
.So, is it possible to ban
sudo
? (But not bansudo -u admin
, which is not a real admin, just an installer people.)If you design properly the system, it’s possible. You’d give writing permissions to
admin
in specific directories, like/usr/local/
and/or/opt/
.But my advice is another: you can install user-only applications. It goes into the
~/.local/
directory, that must have a subdirectory tree similar to/usr/local/
.That’s how I do.
In order to enable it, you must add
~/.local/bin/
to yourPATH
, preferably in the head.You can add to your
~/.bashrc
(if you use Bash):Since I use Fish, I got in my
~/.config/fish/config.fish
: