How to use sudo commands in Linux __linux

Sudo is a tool that allows a system administrator to have some or all of the root commands performed by a common user,

such as Halt,reboot,su and so on. This not only reduces the root user login and management time, with

The sample also improves the security.

sudo is not a substitute for the shell, it is oriented to each command. It

There are several main features of this:

§sudo can restrict a user from running certain commands on a single host.

§

sudo provides a rich log of what each user has done in detail. It can make the day

Blog to the central host or log server.

§sudo

Use a timestamp file to perform a similar "check-in" system. When the user invokes sudo and enters its password, the user obtains a 5-minute lifetime ticket (this value can be changed at compile time).

The §sudo configuration file is sudoers

File, which allows the system administrator to centralize the administration of user permissions and the host used. The location of the default is/etc/sudoers, and the attribute must be 0411. One

Installation

Detect if sudo is installed:

[Root@localhost ~]# rpm-q sudo

sudo-1.6.8p12-4.1

If not installed

,

Download packages for installation

:

For most systems,

Sudo

Are relatively simple to configure:

0) $> CD/;CP sudo-1.6.8p12.tar.gz/

1) $> tar vxzf sudo-1.6.8p12.tar.gz

2) Make

3) make install

Two. Edit Execute visudo command:

As the following is a very simple example

:

Add the following lines:

Defaults Syslog=auth

Defaults Logfile=/var/log/sudo.log

Cmnd_alias Shutdown=/sbin/halt,/sbin/shutdown

Root All=all

User name

All=all

So that different users can become super users. have root privileges.

Log in with a regular user,

$

prompt, type

sudo bash

How, $ into #

it. To return to normal user mode, type exit

Note: In fact, this does not really make you into

Root

, you enter

Who am I

, it will tell you

So-and-So user

Tty1 ...

, which means you're still a regular user, but you did get

Root

Permissions. You can almost do anything that root can do.

/etc/sudoers can also define user aliases, host aliases, for example:

Host_alias Server=no1

User_alias ADMINS=ABC,BCD

ADMINS all= (All) Nopasswd:all

Such

ADMINS

You can do everything without a password.

Third, the use of

Directive Name: sudo

Use rights: There are users who appear in the/etc/sudoers

How to use:

Sudo-v

Sudo-h

Sudo-l

Sudo-v

Sudo-k

Sudo-s

Sudo-h

sudo [-b] [-P prompt] [-u username/#uid]-S

Usage

: sudo command

Description

Execute the instructions as a system Manager, that is, the instructions executed through sudo are like root-personally executed

Parameters:

-V

Show version number

-H

Shows how the version number and instructions are used

-L

Show Yourself (perform

Sudo

The user) 's permissions

-V

Because Sudo is in the first execution or

N minutes did not execute (n preset to five) will ask the password, this parameter is a redo confirmation, if more than N minutes, will also ask the password

-K

Will force the user to perform the next

sudo ask password (no more than n minutes)

-B

The instructions to be executed are placed in the background execution

-P Prompt

You can change the prompt for the password, where%u is substituted for the user's account name.

%h will display the host name

-U username/#uid

Without this parameter, the representative executes the instruction as root and, with this parameter, executes the instruction as username (

#uid is the user number for the username

Code

-S

In the execution of an environment variable

SHELL

of the specified

Shell

，

Or

/etc/passwd

The point in

Fixed the

Shell

-H

In the environment variable

Home

(Home directory)

User home directory specified as the identity to be changed

(such as

Not add

-U

parameter is the System Manager

Root

）

Note:

Command

To be a system administrator (or

-U

Change the instructions that are executed for someone else

Four: Log information

There is a log file

,

In

/var/log/sudo.log,

There's a record of who's using it.

Sudo

Down those orders.

。