3 Basic Commands and Simple Shell Scripts Once you have your first Red Hat Enterprise Linux rhel



Download 1.85 Mb.
View original pdf
Page62/67
Date26.02.2024
Size1.85 Mb.
#63678
1   ...   59   60   61   62   63   64   65   66   67
Pablo Iranzo Gómez, Pedro Ibáñez Requena, Miguel Pérez Colino, Scott McCarty - Red Hat Enterprise Linux 9 Administration-Packt Publishing (2022) -chap 3 82 - 180
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for user:
[user@rhel-instance
]$ id john
uid=1002(john) gid=1002(john) groups=1002(john)
In this case, we see that we have been shown a warning message that is shown the first time we run sudo successfully. Then, we are asked for our own password – not the admin password, as there may not even be one, but the one we have for the user running sudo. Once the password is typed correctly, the command is run and registered in the system journal:
mar 11 19:44:26 rhel-instance.example.com useradd[1710]: user :
TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/sbin/adduser
john
Important Note
Once you have run sudo successfully, it will remember that validation for 15 minutes (as the default behavior. This is done so you don’t have to type your password again and again if you need to run more than one administrative command in a session. To increase it to 30 minutes, we can add the following line using visudo:
Defaults:USER timestamp_timeout=30.
Configuring sudo access for administrative tasks
151
Sometimes, you want to have an interactive session so that there is no need to type sudo again and again. For that, the i option is really useful. Let’s try it:
[user@rhel-instance
]$ sudo -i
[sudo] password for user:
[root@rhel-instance
]#
Let’s now move onto customizing the configuration of sudo in the sudoers file.
Configuring sudoers
We have seen the details of the default /etc/sudoers file in the previous section. Let’s see a couple of examples of how to make a more granular configuration.
Let’s start by making sudo run admin commands without requesting a password for the users in the wheel group. We can run visudo and make the line that starts with wheel look as follows:
%wheel ALL=(ALL) NOPASSWD: ALL
Save it. Note that there is a commented line in the configuration file with that configuration. Now, let’s try it:

Download 1.85 Mb.

Share with your friends:
1   ...   59   60   61   62   63   64   65   66   67



The database is protected by copyright ©ininet.org 2024
send message
    Main page
following topics
login process