Linux study notes -- sudo commands for common users

Linux Study Notes & mdash; general users use the sudo command abstract: mainly records how to solve the general use of Linux study Notes-general users use the sudo command

Abstract: This document mainly records how to solve the problem that common users cannot use the sudo command, and adds the advantages of using the sudo command.

1. create a common user

The preceding notes also record how to create a common user, use the useradd command, and adduser command. Use the useradd command to create a common user.

Groupadd andychen

Useradd-m-s/bin/basn-g andychen lazzyxin

Passwd lazzyxin

Set your own password.

II. Advantages of sudo command A: sudo command

Sudo is a common tool in linux that allows common users to use superuser permissions. it allows the system administrator to execute some or all of the root commands. This not only reduces the login and management time of the root user, but also improves the security. If a common user needs to execute a command that can only be run by the root user, the user must switch to the root user. in this way, the user must know the password of the root user, which means to delegate permissions to each such user. the root password is unsecure.

B: Problem

1. when we switch to the lazzyxin user, here is an example of using sudo.

A) cd/tmp

B) mkdir lazzy_dir

C) sudo chmod-R 755 lazzy_dir

2. the following message is displayed:

A) enter the lazzyxin user password:

B) after the input, the system will prompt: lazzyxin is not in the sudoers file. This incident will be reported.

C: solving the problem

1. two configuration files related to the above problem:

A)/etc/sudoers file:

By default, you can configure the sudo command permission file to determine whether the user has the sudo permission and which commands can use the sudo permission. If you want to edit this file to grant sudo permissions to users, you must use the command: modify do to modify the sudoers file.

B)/etc/sudoers. d folder:

As mentioned above, the sudo permission of the user can be set in the sudoers file, but the content of the sudoers file can be viewed through cat/etc/sudoers. it is recommended that you do not modify the file or operate sudoers. d folder to realize the sudo command authorization process for common users.

2. specific process:

A) create a file in the/etc/sudoers. d folder. the name does not matter.

B) edit the lazzyxin File: add lazzyxin ALL = (ALL) ALL

C) save and exit

D) change the file lazzyxin permission to 400.

E) use the lazzyxin account to log on and execute the sudo command to verify whether the command takes effect.

3. specific commands:

                        vim/etc/sudoers.d/lazzyxin                        i                        lazzyxinALL=(ALL)ALL                        ESC:wq                        chmod 400/etc/sudoers.d/lazzyxin                        su lazzyxin                        sudo ls –al

If it can be used normally, the modification is successful.