Use the Sudo command to assign management permissions to the Ubuntu System

Ubuntu has a distinctive feature, that is, when you use it for the first time, you cannot log on to the system as the root user. Why? This should begin with the installation of the system. For other Linux systems, the root password is usually set during the installation process, so that the user can use it to log on to the root account or use the su command to convert to the Super User identity. In contrast, Ubuntu does not set a password for the root user or enable the root account when it is installed by default. The problem is, what should I do if I want to run the command as a root user? It doesn't matter,

Ubuntu has a distinctive feature, that is, when you use it for the first time, you cannot log on to the system as the root user. Why? This should begin with the installation of the system. For other Linux systems, the root password is usually set during the installation process, so that the user can use it to log on to the root account or use the su command to convert to the Super User identity. In contrast, Ubuntu does not set a password for the root user or enable the root account when it is installed by default. The problem is, what should I do if I want to run the command as a root user? It doesn't matter. We can use the sudo command for this purpose.

Sudo is a common tool in linux that allows common users to use superuser permissions. This command provides the Administrator with a fine-grained access control method, through it, people can access the system both as Super Users and as other types of users. The advantage of this is that administrators can grant some specific types of Super User Permissions without telling the user the root password, which is what many system administrators dream.

1. Default sudo Configuration

By default, Ubuntu provides a basic configuration for sudo, Which is saved in the sudoers file under the/etc directory. When modifying the configuration file, you must use the mongodo tool to edit the file, because the tool automatically performs a strict check on the configuration syntax. If an error is found, a warning is given when saving and exiting the file, the system prompts you which configurations are incorrect to ensure the correctness of the configuration file. On the contrary, if other text editing programs are used, once an error occurs, it will cause serious consequences to the system. The default/etc/sudoers file of Ubuntu is as follows:

# User privilege specificationroot ALL = (ALL) ALL # Members of the admin group may gain root privileges % admin ALL = (ALL) ALL

The following is a brief description of the above Configuration:

The purpose of the first configuration is to allow the root user to use The sudo command to become any other type of user in the system. The second configuration requires that all Members in the Management Group can execute all commands as root. Therefore, in the default Ubuntu system, to execute commands as root, you only need to keep up with the commands to be executed after sudo. The following example shows that if you want to execute apt-get update, you should type the following in the command line:

$ Sudo apt-get update

2. Configuration File Syntax explanation

Next, we will use an instance to explain in detail the configuration syntax of the/etc/sudoers file. See the following example:

Jorge ALL = (root)/usr/bin/find,/bin/rm

The first column above specifies that it applies to users or groups. In this example, It is user jorge. In addition, because the group and user in the system can be renamed, to specify that the rule applies to a group rather than a user, the Group Object Name must start with a percent sign (%.

The second column specifies the applicable host of the rule. This column is particularly useful when we deploy the sudo environment among multiple systems. Here ALL represents ALL hosts. However, if you do not want to deploy sudo on a desktop or multiple systems, replace this column with the corresponding host name.

The value in the third column is enclosed in brackets, indicating the identity of the user specified in the first column to execute the command. In this example, the value is set to root, which means that the user jorge can run the commands listed below as the root user. This value can also be set to the wildcard "ALL". jorge can be used as any user in the system to execute the listed command.

The last column (/usr/bin/find,/bin/rm) is a command table separated by commas, these commands can be run by users specified in the first column as indicated in the third column. In this example, the configuration allows jorge to run the/usr/bin/find and/bin/rm commands as Super Users. It must be noted that the commands listed here must use absolute paths.

3. How to Use the sudo command

Now the question is, how can a user jorge use the permissions assigned to him? In fact, it is very easy to use the sudo command in command line mode.

Add the program he wants to run, for example:

Jorge @ ubuntu :~ $ Sudo find .! -Name '*. avi'-exec rm-f //{/