The administrator can configure the sudo command to allow a common user to execute commands in a different user identity (usually a super user) in a controllable way.
Introduction
The sudo command is similar to the su command in many aspects, but it also has some important functions.
The administrator can configure the sudo command to allow a common user to execute commands in a different user identity (usually a super user) in a controllable way.
Under certain circumstances, the user may be restricted to executing only one or several specific commands, but has no permission to execute other commands.
Another important difference is that using the sudo command does not require a superuser password.
========================================================== ======
Example
[Root @ allyes ~] # Sudo su-
========================================================== ======
View the permissions granted by the sudo command
[Root @ allyes ~] # Sudo-l
Matching Defaults entries for root on this host:
Env_reset, env_keep = "colors display hostname histsize inputrc kdedir LS_COLORS MAIL PS1 PS2 qtdir username lang LC_ADDRESS
LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME
LC_ALL language linguas _ XKB_CHARSET XAUTHORITY"
User root may run the following commands on this host:
(ALL) ALL
(ALL) NOPASSWD: ALL
[Root @ allyes ~] #
========================================================== ======