Introduction to user permission assignment configuration in CentOS

Introduction to user permission assignment configuration in CentOS

Introduction to user permission assignment configuration in Centos (Linux)

When it comes to permission assignment, it is vital for a service to run normally. One common saying in an enterprise is that the larger the permission, the greater the responsibility, the greatest harm, when the permissions are compared, misoperations will cause catastrophic damage to the application. Therefore, you must be careful when assigning permissions. Of course, in large enterprises, permissions are allocated in great detail, the same service has different operation permissions, so it is relatively safe. In this way, you can find the responsible person directly. Today, we will introduce the user permission assignment in Centos. First, we all know that the maximum permission account in Centos (Linux) is root. For example, administrators in windows are global administrators, I have full operation permissions on the service. My environment is like this. I am habitually using the root permission for service operations. Due to the recent review, the owner has changed the root password, A new common user is created, and cannot be saved after you log on to the common user after modifying the service. Therefore, we have summarized the preceding environment issues and shared them with the expected kids shoes.

In fact, there are many ways to assign permission control: Today we will introduce two methods.

1. Add root permissions to new users

2. Assign sudo permissions to new users;

Create a user in the environment and run the following command:

Addusergavin --> Add User gavin Passgavin --> set a new password for the gavin user Xxxxxxx-> enter the custom Password Xxxxxxx --> enter confirm to customize the new password

Then we use the gavin user to log on and modify the hosts file.

Vim /etc/hosts

After modification, save the operation that prompts the user to be readonly only

Vim /etc/passwd

Modify the value of gavin user id of a new user

Note: we can see the first line with the root id 0.

Change the gavin id to 0.

In this way, no matter whether you use root or the newly added user gavin, the root information will be displayed after logon, and the root permission will be applied.

Method 2: Assign sudo permissions to new users

Vim/etc/sudoers

Find the ## Allow root to run any command anywhere line, and then there will be the information of root ALL = (ALL) ALL;

Add a row

1gavinALL=(ALL)ALL

Save and exit,

Then, when you modify the service, you must use sudo + vim to modify the service.

Note:

If the user name does not have the superuser permission, when you enter the sudo + command, the system prompts:

The Code is as follows:

Gavin is not in the sudoers file. This incident will be reported.

Solution: 1. Enter the superuser mode. Enter "su". The system will ask you to enter the superuser password and enter the password to enter the superuser mode.

2. Add the write permission for the file.

The Code is as follows:

U indicates the file owner.

+ W add writable permissions

U + x indicates that only the current user has the write permission.

Chmod u + w/etc/sudoers

In this way, sudo vim/etc/hosts has the permission to operate on user services.

4. revoke the write permission on the file.

The Code is as follows:

chmodu-w/etc/sudoers