Linux中配置sudo用户访问权限-Toy模板网

这篇具有很好参考价值的文章主要介绍了Linux中配置sudo用户访问权限。希望对大家有所帮助。如果存在错误或未考虑完全的地方，请大家不吝赐教，您也可以点击"举报违法"按钮提交疑问。

一、如何在 Linux 中配置 sudo 的访问权限

1.1、添加一个Linux普通用户有 sudo 权限

[root@localhost ~]# useradd test  // 创建一个普通用户为：test
[root@localhost ~]# 
[root@localhost ~]# passwd test  // 设置用户test密码为：test
Changing password for user test.
New password: # test
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:   # test
passwd: all authentication tokens updated successfully.  # 看到successfully 表示设置成功
[root@localhost ~]# 
[root@localhost ~]# id test
uid=1000(test) gid=1000(test) groups=1000(test)
[root@localhost ~]# 
[root@localhost ~]# vim /etc/sudoers
...省略N
root    ALL=(ALL)       ALL
test    ALL=(ALL)       NOPASSWD: ALL  // 添加这一行
...省略N

linux sudoers 用户权限配置,linux,linux,运维,服务器

1.2、测试普通用户的 sudo 权限

[root@localhost ~]# su - test  // 登录用户 test
Last login: Wed Jun 28 16:35:53 CST 2023 from 192.168.192.1 on pts/1
[test@localhost ~]$ 
[test@localhost ~]$ cd /opt/
[test@localhost opt]$ 
[test@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school  // 文件school 所有者和所属组为：root
[test@localhost opt]$ 
[test@localhost opt]$ cp school test.txt  // 使用用户test 复制school 文件为 test.txt 
cp: cannot create regular file ‘test.txt’: Permission denied  # 提示权限不够
[test@localhost opt]$ 
[test@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school
[test@localhost opt]$ 
[test@localhost opt]$ sudo cp school test.txt  // 需要加上 sudo 
[test@localhost opt]$ 
[test@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school
-rw-r--r-- 1 root root 0 Jun 28 17:13 test.txt  # 复制成功
[test@localhost opt]$

1.3、添加多个Linux普通用户有 sudo 权限

# 创建多个普通用户
[root@localhost ~]# useradd user1  // 创建用户：user1
[root@localhost ~]# 
[root@localhost ~]# passwd user1  // 设置密码为：user1
Changing password for user user1.
New password: 
BAD PASSWORD: The password is shorter than 7 characters
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@localhost ~]# 
[root@localhost ~]# id user1
uid=1001(user1) gid=1001(user1) groups=1001(user1)
[root@localhost ~]# 

[root@localhost ~]# useradd user2   // 创建用户：user2
[root@localhost ~]# 
[root@localhost ~]# passwd user2   // 设置密码为：user2
Changing password for user user2.
New password: 
BAD PASSWORD: The password is shorter than 7 characters
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@localhost ~]# 
[root@localhost ~]# id user2
uid=1001(user2) gid=1001(user2) groups=1001(user2)
[root@localhost ~]#

linux sudoers 用户权限配置,linux,linux,运维,服务器

1.4、验证sudo 权限

# 把 user1 和 user2 添加到拥有超级管理员权限的组（wheel） 里
[root@localhost ~]# getent group wheel
wheel:x:10:   
[root@localhost ~]# 
[root@localhost ~]# usermod -aG wheel user1 // 添加 user1 用户到 wheel 组了
[root@localhost ~]# 
[root@localhost ~]# getent group wheel
wheel:x:10:user1    //  查看已经添加进去
[root@localhost ~]# 
[root@localhost ~]# usermod -aG wheel user2   // 添加 user2 用户到 wheel 组了
[root@localhost ~]# 
[root@localhost ~]# getent group wheel
wheel:x:10:user1,user2   //  查看已经添加进去
[root@localhost ~]# 

[root@localhost ~]# su - user1  // 登录到 user1 
[user1@localhost ~]$ 
[user1@localhost ~]$ cd /opt/
[user1@localhost opt]$ 
[user1@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school
-rw-r--r-- 1 root root 0 Jun 28 17:13 test.txt
[user1@localhost opt]$ 
[user1@localhost opt]$ cp school user1.txt  // 复制一份会报错权限不够
cp: cannot create regular file ‘user1.txt’: Permission denied
[user1@localhost opt]$ 
[user1@localhost opt]$ sudo cp school user1.txt  // 使用sudo 复制

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for user1: # 提示输入密码。因为，没有在文件/etc/sudoers里的wheel组加上NOPASSWD
[user1@localhost opt]$ 
[user1@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school
-rw-r--r-- 1 root root 0 Jun 28 17:13 test.txt
-rw-r--r-- 1 root root 0 Jun 28 17:55 user1.txt  # 创建成功
[user1@localhost opt]$

linux sudoers 用户权限配置,linux,linux,运维,服务器文章来源地址https://www.toymoban.com/news/detail-640804.html

[root@localhost ~]# su - user2  // 登录 user2 
[user2@localhost ~]$ 
[user2@localhost ~]$ cd /opt/
[user2@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school
-rw-r--r-- 1 root root 0 Jun 28 17:13 test.txt
-rw-r--r-- 1 root root 0 Jun 28 17:55 user1.txt
[user2@localhost opt]$ 
[user2@localhost opt]$ cp school user2  # 复制school文件为 user2
cp: cannot create regular file ‘user2’: Permission denied # 报错权限不够
[user2@localhost opt]$ 
[user2@localhost opt]$ sudo cp school user2  # 添加sudo。不需要添加密码
[user2@localhost opt]$ 
[user2@localhost opt]$ ll
total 0
-rw-r--r-- 1 root root 0 Jun 28 16:38 school
-rw-r--r-- 1 root root 0 Jun 28 17:13 test.txt
-rw-r--r-- 1 root root 0 Jun 28 17:55 user1.txt
-rw-r--r-- 1 root root 0 Jun 28 18:19 user2
[user2@localhost opt]$ 


-rw-r--r-- 1 root root 0 Jun 28 17:13 test.txt
-rw-r--r-- 1 root root 0 Jun 28 17:55 user1.txt
-rw-r--r-- 1 root root 0 Jun 28 18:19 user2
[user2@localhost opt]$

到了这里，关于Linux中配置sudo用户访问权限的文章就介绍完了。如果您还想了解更多内容，请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章，希望大家以后多多支持TOY模板网！