Common users get root permissions-sudo details

We all know the security of Linux, because there are too many permission settings, which makes it inconvenient for common users like ours. Next, let's discuss how sudo allows common users to get root permissions!

After a new Linux computer is installed, we certainly have a common user due to Linux security settings, and we do not recommend that you use the root user directly to prevent accidental deletion of information. The permissions of common users are much less, so we often encounter insufficient permissions during operations! The following solutions are available:

1. $ su or $ su-

We can use this method to directly switch to the root user, obtain the permission, and then perform the operation. But what are the consequences? 1) at the beginning, it violates the security of Linux. 2) such operations are equivalent to direct operations by the root user. Therefore, only the root user can modify the files or folders created in this way, which will change the number of operations in the future. Therefore, this method is only used when you want to change system files or perform operations with higher permissions.

2. sudo

Sudo is a Linux system management command. It is a tool that allows common users to execute some or all of the root commands, such as halt, reboot, and Su. This not only reduces the login and management time of the root user, but also improves the security. Sudo is not a substitute for shell. It is intended for every command. This command is not described in detail. You can refer to Baidu Encyclopedia (SUDO). The following describes the problems encountered during use.

When we run the sudo command after loading the server and entering the system as an ordinary user, the following prompt will appear:

XXX is not in the sudoers file. This incident will be reported.
This indicates that the xxx user does not have the permission to use the sudo command, and the configuration file for this permission is saved in/etc/sudoers. This file is a read-only file and logged on as the root user, add the write permission to the file and run the following command: chmod U + w/etc/sudoers and then edit it with vi. Find "root all = (all) all "add Xxx all = (all) All under it, save it, and remove the write permission to chmod U-W/etc/sudoers, so that it can be used normally, in this way, the user has obtained all the permissions of the root user and has more usage methods. This is not described here!

However, this modification is troublesome. the system actually provides the command mongodo. By default, this command will edit/etc/sudoers without modifying permissions. Other operations are the same as above!

All right, this command is here! You can learn more about the usage of this command online! The younger brother is also a cainiao. I don't know much about it. Haha!

 

(Original address: http://lopnxrp.blog.51cto.com/1135789/623518)