linux下sudo命令

时间:2024-02-24 22:00:49
[userld@redhat2 root]$ sudo ls

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for userld: 
userld is not in the sudoers file.  This incident will be reported.

linux默认没有为当前用户(除root用户)开启sudo权限! 

一:进入超级用户下

[userld@redhat2 root]$ su -
Password: 
[root@redhat2 ~]# 

二:开始编辑编辑/etc/sudoers文件 

[root@redhat2 etc]# ls -al | grep sudo
-r--r-----.   1 root root   4002 Mar  2  2012 sudoers  #对其进行操作
drwxr-x---.   2 root root   4096 May 16  2012 sudoers.d
-r--r-----.   1 root root   1031 May 16  2012 sudo-ldap.conf

(1)强制写入(或者先给权限,再去掉权限)

[root@redhat2 etc]# vim sudoers

(2)找到root    ALL=(ALL)       ALL这一行,在下面为需要的用户添加run sudo权限

root    ALL=(ALL)       ALL
userld  ALL=(ALL)       ALL  #默认是需要去输入userld用户的密码,在执行sudo时
userld ALL=(ALL) NOPASSWD:ALL  #是不需要去输入密码的

(3)也可以对用户组进行操作,与上面一致

%用户组  ALL=(ALL)       ALL  #默认是需要去输入userld用户的密码,在执行sudo时
%用户组  ALL=(ALL)       NOPASSWD:ALL  #是不需要去输入密码的

 三:测试

[userld@redhat2 root]$ ls  #默认是不允许去操作root目录的,权限不允许
ls: cannot open directory .: Permission denied
You have new mail in /var/spool/mail/root
[userld@redhat2 root]$ ls
ls: cannot open directory .: Permission denied
[userld@redhat2 root]$ sudo ls  #使用sudo执行,用户普通用户执行一些或者全部的管理员命令
anaconda-ks.cfg  Documents    install.log.syslog  Public     Videos
Application      Downloads    Music               Templates
Desktop          install.log  Pictures            test