linux 普通用户授权root相关权限

时间:2022-09-30 15:47:31

先查看当前用户(test)是否有特权

[test@web01 ~]$ sudo -l

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for oldboy: 
Sorry, user oldboy may not run sudo on web01.

用visudo给用户(test)创建特殊root权限   或 vim  /etc/sudoers   92行插入权限

oldboy  ALL=(ALL)      /bin/ls, /bin/touch

 检查配置信息是否正确

[oldboy@web01 ~]$ sudo -l
[sudo] password for oldboy: 
Matching Defaults entries for oldboy on this host:
    !visiblepw, always_set_home, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1
    PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES",
    env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET
    XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

User oldboy may run the following commands on this host:
    (ALL) /bin/ls, (ALL) /bin/touch, (ALL) /usr/bin/passwd, (ALL) !/usr/bin/passwd root