Home > Developer > Linux

Sudo configuration file/etc/sudoers format

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Describes the format of the sudo configuration file/etc/sudoers.
# User privilege specification
Root ALL = (ALL) ALL
# Allow members of group sudo to execute any command after they have
# Provided their password
# (Note that later entries override this, so you might need to move
# It further down)
% Sudo ALL = (ALL) ALL
#
# Includedir/etc/sudoers. d
# Members of the admin group may gain root privileges
% Admin ALL = (ALL) ALL
The above is the default/etc/sudoers file of my Ubuntu10.04. "#" Starts with comments that can be ignored.
First, you need to convert it to the root user and use the mongodo command to open the/etc/sudoers file.
Description: root ALL = (ALL) ALL
Root indicates the authorized user, which is the root user;
The first ALL indicates ALL computers;
The second ALL indicates ALL users;
The third ALL indicates ALL commands;
Authorize the root user to run all files on all computers as all users.
% Admin ALL = (ALL) ALL is the same as above, except that the Group admin is authorized.
Common Format
The common format of/etc/sudoers is:
User host run_as command
User: one or more users. in/etc/group, you can use a % to replace it. The group Object Name must start with a percent sign (%.
Host: one or more host names;
Run_as: Specifies the user to run. Common options are root and ALL.
Command: one or several root-level commands that you want users or groups to run.
For example:
Hans ALL = (root) useradd, userdel
Authorize the hans user to run the useradd and userdel commands as root on all computers.
% Smith ALL = (ALL) NOPASSWD: useradd, userdel
Authorize all members of the smith group to run the useradd and userdel commands as all users on all computers. Do not enter a password when running the command.
Note that the complete command path must be used when you define commands that can be run for users. This is completely out of security considerations. If the command we give is just a simple userad, rather than/usr/sbin/useradd, the user may create his own script, it is also called userad and placed in its local path, so that he can execute any command he wants through the local script named useradd as root. This is quite dangerous!


Author: xieyancheng

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
configuration file etc hosts format linux etc hosts format configuration settings file httpd configuration file mysql server configuration file php loaded configuration file

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More