添加用户权限到sudo(通过visudo命令)

发布时间：2014-09-05 13:35:11作者：知识屋

用visudo来编辑/etc/sudoers文件，赋予特定用户执行敏感命令权限

Defaults requiretty
Defaults env_resetDefaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
## Next comes the main part: which users can run what software on## which machines (the sudoers file can be shared between multiple## systems).## Syntax:#### user MACHINE=COMMANDS#### The COMMANDS section may have other options added to it.#### Allow root to run any commands anywhereroot ALL=(ALL) ALL
## Allows members of the 'sys' group to run networking, software,## service management apps and more.# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
## Allows people in group wheel to run all commands%wheel ALL=(ALL) ALL
## Same thing without a password%wheel ALL=(ALL) NOPASSWD: ALL
## Allows members of the users group to mount and unmount the## cdrom as root# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
## Allows members of the users group to shutdown this system# %users localhost=/sbin/shutdown -h now
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)#includedir /etc/sudoers.d

wheel是Linux系统中的一个组，可以在/etc/group文件中看到，将需要sudo权限的用户加入这个组里面，就可以执行sudo命令，并且执行大部分命令了。NOPASSWD表示执行命令时不需要密码，正常情况下应该需要密码的，目前太麻烦，先这样吧。

（免责声明：文章内容如涉及作品内容、版权和其它问题，请及时与我们联系，我们将在第一时间删除内容，文章内容仅供参考）