Sudo Syntax:
Sudo [-B] [-u New User Account]
Option and parameter:-B: place the subsequent commands in the background for the system to execute them on its own, without affecting the current shell-u: the user who switches, if this option is not specified, the user is the root user. For example, Sudo-u Wang touch/tmp/sudo.txt. (Note: currently, the user can only create a sudo file under the tmp directory. You need to set the sudo command)
Sudo execution principle:
- When a user executes sudo, the System Searches the/etc/sudoers file for whether the user has the permission to execute sudo;
- If the user has the permission to execute sudo, ask the user to [enter the user's password] To confirm;
- If the password is entered successfully, run the sudo command (but the root user does not need the password)
- If you want to change the identity to the same identity as the performer, you do not need to enter a password.
Syntax for a single user and sudoers file:[Note] use the cmddo command to edit the/etc/sudoers file. Do not use Vim to edit the file. Because the mongodo command can check the syntax of the/etc/sudoers file, for example, [root @ localhost ~] # Meanings of the four fields in the rows do:
- Which account of the system can use the sudo command. The default account is root.
- When this account has a host online to this Linux host, this value can specify the client computer. The default value root can be from any network host.
- Which identity can this account switch to issue Subsequent commands? By default, root can switch to anyone.
- Which commands can be issued for this identity? This command must be written in absolute path. By default, root can switch any identity and perform any commands.
For example, add user myuser1 to sudo and use the group to process sudo [root @ localhost ~] # Adding "%" to the leftmost side of "mongodo" indicates that a [group] is followed. For example, add user Wang to the wheel group [root @ localhost ~]. # Usermod-a-g wheel Wang [root @ localhost ~] # Su-Wang [Wang @ localhost ~] Sudo tail-3/etc/shadow does not need to enter a password (remove #). commands with restrictions include: myuser1 change Root Password Use alias change command mongodo alias can be command alias [cmnd_alias], account alias [user_alias], host alias [host_alias]