To make yourself a superuser, enter the following into the bottom of the file: username ALL=(ALL) ALL //gives user "username" sudo access The file is located at /etc/sudoers and requires root permissions. To ensure that your account has this privilege, you must be added to the sudoers file. The sudo privilege is given on a per-user or per-group basis. Now that you know how to use this command, let’s look at how to configure the sudoers file. For example, if you want to edit an important configuration file, you might use vi /etc/sudoers: You will then be prompted for a password (you need to enter your user account password, not root's). Simply preface the intended command with sudo. Thankfully, the data and his career were recoverable! I saw a colleague blow away the root directory of a back-end storage server for the state of New York due to this simple oversight. At this point, a simple command line error could cost you dearly as an administrator. Think about this: You su to root to edit a file, but you forget to switch back to your user account afterward. While this method works, it isn’t the best way to accomplish the needed task in most cases. Previously, back when I was doing things "my way," I used to always use the su command (switch user) and would log in as root for these tasks. Have you ever tried to edit a config file only to receive "Permission Denied?" (The /etc/hosts file comes to mind.) If so, that was because your user account did not have access to that file. Sudo stands for "superuser do" and is the master key to your high-privilege admin tasks. Metaphor aside, sudo is your elevated privilege. It’s your "golden ticket," your security clearance, and your permission to do as you please. I’ll explain this later on for now, let’s take a look at what the sudo command is, why it's important, and how to configure it.ĭo you know those crime TV scenes where a plainclothes detective walks up and the uniformed officer stops them from entering the area until they flash their badge? We’ve all seen this drama unfold over the years, from the yellow tape to the pouring rain and the cliché trench coats, but what happens next? The uniformed officer takes a look, realizes that this person belongs on the scene, and lets them pass. This choice is unthinkable now, and honestly, it makes me laugh at myself for assuming I knew what I was doing. The sudo command is one that I didn’t use often before. It helps to understand what is going on behind the scenes and why you use specific arguments, flags, and objects. Sometimes, just knowing how isn’t good enough. As I started working in a more professional environment around people with years of experience and knowledge, I discovered that just because I could use a command did not mean that I understood the command. Even if it wasn’t the best command for the job, I had my way of doing things, and that worked for me. When I first started learning the Linux command line, I found myself memorizing commands for specific scenarios. How well do you know Linux? Take a quiz and get a badge.Linux system administration skills assessment. A guide to installing applications on Linux.Download RHEL 9 at no charge through the Red Hat Developer program.The example above shows that when we log in as the user guest and start the script with sudo, we must type the password. Therefore, if we execute the same script as another regular user, we have to provide the correct password: guest$ sudo. However, this privilege is only assigned to the user kent. Further, we haven’t leaked the password anywhere. rw- 1 root root 19768 Oct 24 22:59 root_vimrcĪs we’ve seen in the output, this time, sudo didn’t prompt for the password and copied the file directly. Next, let’s save the change and test if it works as we expected: kent$ sudo. This line tells sudo: When the user kent executes the script /tmp/test/cpvimrc.sh with sudo, the sudo command will run the script as root without asking for a password. To achieve that, we can add one line to the sudo command’s configuration: kent ALL=(root) NOPASSWD: /tmp/test/cpvimrc.sh cpvimrc.sh” command in a non-interactive mode. Our goal is to allow the kent user to run the “ sudo. Both of them require root permission to save the changes. To edit the sudo command’s configuration, we can either execute the visudo command or edit the file /etc/sudoers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |