3 Basic Commands and Simple Shell Scripts Once you have your first Red Hat Enterprise Linux rhel


sudo, which stands for Super User Do



Download 1.85 Mb.
View original pdf
Page60/67
Date26.02.2024
Size1.85 Mb.
#63678
1   ...   56   57   58   59   60   61   62   63   ...   67
Pablo Iranzo Gómez, Pedro Ibáñez Requena, Miguel Pérez Colino, Scott McCarty - Red Hat Enterprise Linux 9 Administration-Packt Publishing (2022) -chap 3 82 - 180
sudo
, which stands for Super User Do.
It not only allows you to grant full administrative privileges to users or groups but also to be very granular about the privileged commands that some users maybe able to execute.
Let’s start by understanding the default configuration and how to change it.
Understanding sudo configuration
The tool has its main configuration file in /etc/sudoers and includes this part in the default configuration:
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
Let’s analyze these four specific lines one by one to understand what they do. The first line enables the root user to use sudo for any command that they want to run:
root ALL=(ALL) ALL. The second line enables the user in the wheel group to use sudo for any command that they want to run. We will explain the details of the syntax later:
%wheel ALL=(ALL) ALL
Configuring sudo access for administrative tasks
149
Important Note
Please do not disable the wheel group directive unless there is an important reason to do so. This behavior is expected by other programs to be available and disabling it may cause some problems. The third line, and all the lines starting with #, are considered comments, and they are only intended to add descriptive content with no effect on the final configuration. It is possible to include other sudoers files from within the sudoers file currently being parsed using the include and @includedir directives Read drop-in files from /etc/sudoers.d (the # here does not mean a comment. The fourth line is the only exception to the previous rule. This line enables the /etc/
sudoers.d directory as a source for configuration files. We can drop a file in that folder and it will be used by sudo. For compatibility with sudo versions prior to 1.9.1, include and
#includedir are also accepted:
#includedir /etc/sudoers.d
The exception to this last rule is files that end with or contain a . (dot) character.
As you have seen, the default configuration enables root and the members of the wheel group to run any command as an administrator using sudo.
The easiest way to use it is to add a user to the wheel group to grant that user full admin privileges. An example of how to modify the usertest account to make it an admin account is as follows:

Download 1.85 Mb.

Share with your friends:
1   ...   56   57   58   59   60   61   62   63   ...   67



The database is protected by copyright ©ininet.org 2024
send message
    Main page
following topics
login process