SUDO on Linux
cat /etc/passwd
test:x:500:500:test:/home/test:/bin/bash
[root@localhost ~]# cp /etc/sudoers
[root@localhost ~]# cp /etc/sudoers /etc/sudoers.org
1) Full Permission to User
# User privilege specification
test ALL=(ALL) ALL
Let restart apache with out sudo
[test@localhost ~]$ /etc/init.d/httpd restart
rm: cannot remove `/var/run/httpd/httpd.pid’: Permission denied
test@localhost ~]$ sudo /etc/init.d/httpd restart
[sudo] password for test:
Stopping httpd: [ OK ]
sudo vi /etc/httpd/conf/httpd.conf
2) Limited Permission to User
Let restrict to apache stop,start restart
test ALL=(ALL) /etc/init.d/httpd
3)Full permission to a user with No password
test ALL=(ALL) NOPASSWD:ALL
[test@localhost ~]$ sudo /etc/init.d/vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: [ OK ]
4) All Permission to Group
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
5) Limited Permission to Group
# Members of the admin group may gain root privileges
%admin ALL=(ALL) /etc/init.d/ssh
6) All Permission to Group with No Password
# Members of the admin group may gain root privileges
%admin ALL=(ALL) NOPASSWD:ALL
7)Give Limited Permission to Group with No Password
# Members of the admin group may gain root privileges
%admin ALL=(ALL) NOPASSWD:/etc/init.d/ssh
what you’ve said makes sense, and i can understand it very clearly, thanks.
good post.