Article Title: Brief instance configuration for Sudo in UbuntuLinux system. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
The configuration process is as follows:
Sudo is a tool that allows the system administrator to authorize common users to execute some or all of the root commands. This can reduce root login and improve system security.
Sudo features:
1. You can restrict specific users to run specified commands on specific hosts.
2. Detailed log records
3. sudo uses a timestamp file to execute a system similar to "ticket check. After the user uses sudo and enters the password, the user obtains a 5-minute ticket by default (this value can be changed during compilation ), if you do not need to use the password for more than 5 minutes, you need to re-enter the password.
Sudo installation process: Generally, the system has installation by default.
Configuration file/etc/sudoers:
The following briefly introduces the configuration items of the file (root uses mongodo to edit the file)
Part 1: # Host alias specification (Host alias definition, used to define multiple hosts)
Format: Host_Alias SERVER = 192.168.0.1/255.255.255.0
Host_Alias SERVER1 = 172.17.1.1
Part 2: # User alias specification (User alias definition, used to define multiple groups of users)
Format: User_Alias ADMIN = test, jack, tom
User_Alias TEST = user1
Part 3: # Cmnd alias specification (command alias definition, defining the list of user-executed commands)
Format: Cmnd_Alias CAT =/bin/cat/etc/sudoers
Cmnd_Alias Ls =/bin/ls/root
Part 4: # Override built in defaults (added the log record function)
Defaults @ SERVER log_host, logfile =/var/log/sudo. log
# Add an additional log to the host in host alise. If this log needs to be stored for many years, you can use log_year. In this way, the detailed year will be recorded during log recording.
[1] [2] [3] Next page