linux下sudo命令
[userld@redhat2 root]$ sudo ls We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for userld: userld is not in the sudoers file. This incident will be reported.
linux默认没有为当前用户(除root用户)开启sudo权限!
一:进入超级用户下
[userld@redhat2 root]$ su -
Password:
[root@redhat2 ~]#
二:开始编辑编辑/etc/sudoers文件
[root@redhat2 etc]# ls -al | grep sudo -r--r-----. 1 root root 4002 Mar 2 2012 sudoers #对其进行操作 drwxr-x---. 2 root root 4096 May 16 2012 sudoers.d -r--r-----. 1 root root 1031 May 16 2012 sudo-ldap.conf
(1)强制写入(或者先给权限,再去掉权限)
[root@redhat2 etc]# vim sudoers
(2)找到root ALL=(ALL) ALL这一行,在下面为需要的用户添加run sudo权限
root ALL=(ALL) ALL userld ALL=(ALL) ALL #默认是需要去输入userld用户的密码,在执行sudo时
userld ALL=(ALL) NOPASSWD:ALL #是不需要去输入密码的
(3)也可以对用户组进行操作,与上面一致
%用户组 ALL=(ALL) ALL #默认是需要去输入userld用户的密码,在执行sudo时
%用户组 ALL=(ALL) NOPASSWD:ALL #是不需要去输入密码的
三:测试
[userld@redhat2 root]$ ls #默认是不允许去操作root目录的,权限不允许 ls: cannot open directory .: Permission denied You have new mail in /var/spool/mail/root [userld@redhat2 root]$ ls ls: cannot open directory .: Permission denied [userld@redhat2 root]$ sudo ls #使用sudo执行,用户普通用户执行一些或者全部的管理员命令 anaconda-ks.cfg Documents install.log.syslog Public Videos Application Downloads Music Templates Desktop install.log Pictures test