1. what is sudosudo is a linux system Management Command. it is a tool that allows the system administrator to allow common users to execute some or all of the root commands, such as halt, reboo, and su. Using sudo not only reduces the logon and management time of the root user, but also improves security. sudo is not...
1. what is sudo?
Sudo is a linux system Management Command. it is a tool that allows common users to execute some or all of the root commands, such as halt, reboo, and su.
Using sudo not only reduces the logon and management time of the root user, but also improves the security. sudo is not a substitute for shell, and is intended for every command.
To put it simply, sudo allows some users to execute administrator permissions without having the administrator account and password.
The administrator can assign some users to execute certain commands, such
2 sudo features:
(1) users can be restricted to running certain commands only on a host.
(2) it provides a wide range of log functions, recording in detail what each user has done. it can upload logs to the central host or log server.
(3) sudo uses a timestamp file to execute a ticket-checking system. Simply put, it allows its users to get a ticket with a time limit, which can be changed during compilation.
(4) compile and configure sudo
The configuration file is in/etc/sudoers and the property is 440. only the administrator can read it! Root does not have the permission to change.
3sudo configuration:
Configuration File:/etc/sudoers (The sudo configuration file is strictly defined and the permission is 440
Syntax: who which_host = (whom) command
If a common user wants to use the sudo command, he must first log on with the user, and the password is the current user's password.
Sudo/usr/sbin/syeradd
(1) the user group divides users into millert, mikef, and dowdy groups.
User Alias (definition, meaning of User group) MASTER
(2) the identity of the person who partially classifies the operation type to execute the command
(3) in part
The host name, IP address, and network group that supports the entire network segment
Contains the previously defined groups
(4. To define the path of commands and commands, you must use the absolute path to avoid repeated directory names and errors being executed.
This article is from the "three-inch heaven" blog