❑ /etc/sudoers : It is the configuration file that configures authority about sudo command
❑ How to configure
❍ visudo -f /etc/sudoers (It can't be configured with vi)
❍ Press Ctrl+x then y to configure and exit
❍ Press Ctrl+x then y to configure and exit
❑ Grammar of sudoers
❍ [Account name] [System allowed to access current system]=([Executing account]) [Available command]
❍ %[Group name] [System allowed to access current system]=([Executing account]) [Available command]
❑ Example of sudoers grammar❍ %[Group name] [System allowed to access current system]=([Executing account]) [Available command]
❍ %admin 192.168.1.0/255.255.255.0=(apache, myadmin) /usr/bin/sort, /usr/bin/zip → Account in the admin group, when connecting from the 192.168.1.0/255.255.255.0, with authority of apache and myadmin, can use the commands that is /usr/bin/sort and /usr/bin/zip
❍ abc ALL=(ALL) ALL → abc account can all commands with all authority from all system
❍ abc ALL=(ALL) ALL → abc account can all commands with all authority from all system
※ In the case of latest OS such as CentOS7/RHEL7/OL7, wheel group users can use sudo commands by root permission. This is recorded in the sudoers file.
Test environment | |||
O S | Ubuntu 15.10 (64bit) | CPU | Intel i7-4710MQ 2.50GHz |
SHELL | GNU bash (4.3.42) | GPU | Gallium 0.4 on SVGA3D |
RAM | 984MiB |