Sudo command usage

1. First edit the configuration file/etc/sudoers, or directly edit the file by running the export do command,

2. the syntax for configuring the/etc/sudoers configuration line is as follows:

User MACHINE = COMMANDS

User: Authorized user

MACHINE: Authorized host address

COMMANDS: Authorization command

/Etc/sudoers can also be replaced by an alias,

The first column "User_Alias, Host_Alias, Cmnd_Alias" is the keyword,

The second column "OPERATORS, MAILSERVERS, SOFTWARE" is the custom alias

Column 3: specific content of the alias.

Example: alias;

User_Alias OPERATORS = jerry, tom, tsengyia

Host_Alias MAILSERVERS = smtp, pop

Cmnd_Alias SOFWARE =/bin/rpm,/usr/bin/yum

For example, to authorize the mikey, you can use sudo to call all commands in the/sbin and/usr/bin directories, but do not call the/sbin/ifconfig command to modify the eth0 Nic parameter, do not call the/usr/bin/vim command to prevent system files from being modified)

# Mongodo

Mikey localhost =/sbin/*,/usr/bin /*! /Sbin/ifconfig eth0 ,! /Usr/bin/vim

Log sudo log

Sudo can get married to the system log and write the commands executed by the user through sudo to the log for the Administrator to view and enable the log function, you only need to add the "Defaults logfile" configuration parameter in the "/etc/sudoers" file, and in the System Log service configuration file "/etc/syslog. add the "local2.debug/var/log/sudo" record in conf.

The procedure is as follows:

# Mongodo

Defaults logfile = "/var/log/sudo"

# Vi/etc/syslog. conf

Local2.debug/var/log/sudo

# Service syslog restart

Use the sudo command, that is, use man sudo

Recommended reading:

Use and enable the root account with Ubuntu sudo and su commands

Sudo: sorry, you must have a tty to run sudo

Configure sudo permissions in Linux

Temporary root permission for sudo Configuration

How to solve the problem that users cannot execute sudo in Linux

The Linux system administrator must not know the command: sudo