sudo是一个命令行工具,允许授权的用户以另一个用户的安全权限执行命令

sudo配置

# 编辑sudoers文件
visudo  == vim /etc/sudoers


# 授权部分命令
gaga ALL=(ALL) /bin/cat,/bin/less

# 授权所有不需要密码认证
gaga  ALL=(ALL)  NOPASSWD:ALL

[root@c7-100 ~]# egrep   -v  '^(#|$)'  /etc/sudoers
Defaults   !visiblepw
Defaults    always_set_home
Defaults    match_group_by_gid
Defaults    always_query_group_plugin
Defaults    env_reset
Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
Defaults    env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin
root    ALL=(ALL)       ALL
%wheel  ALL=(ALL)       ALL
gaga  ALL=(ALL)  NOPASSWD:ALL

sudo

sudo su -      //切换到root执行
sudo -u username  command   //以username权限执行command
sudo -s   //获取root shell
sudo -l    //当前用户许可被执行的命令
sudo -v   //验证sudoers配置