This will be all they can do with sudo, anything else attempted will be denied. For example, we can add the below configuration to the /etc/sudoers file which will allow user1 to perform systemctl commands, allowing them to stop and start services using sudo (among many other things, systemctl can do a lot in RHEL 7). In order to define specific commands that may be executed with root privileges, we modify the /etc/sudoers file. Similarly, we can get a shell with the -i flag. We can also use sudo in combination with the su command to enter an interactive root shell, rather than entering every command with the sudo prefix. 1 root root 984 Aug 29 14:21 anaconda-ks.cfg Ls: cannot open directory /root: Permission denied Here we also see that user1 does not have permission to list contents of /root by itself, however it works correctly with sudo. Note that we are not dropped into a root shell after this.Īfter entering the user’s password for the first time for sudo, subsequent sudo usage does not require the password, as shown below. From there we run the whoami command as root with sudo, and after providing the password of user1 we are advised that we are root. In this example the root user adds user1 to the wheel group, which is defined in the /etc/sudoers configuration file to provide root privileges via the sudo command. #3) With great power comes great responsibility. It usually boils down to these three things: We trust you have received the usual lecture from the local SystemĪdministrator. The non root user account requires sudo privileges to do this, and this is normally setup by either adding the user or group to the /etc/sudoers file, or by adding the user to the wheel group. By default this will require you to provide your password again as a security measure. The super user do, or sudo command on the other hand instead allows you to run a command as root from your current user. Now that we understand the su command, let’s see what sudo has to offer. We don’t just have to enter a shell of the new user, we can optionally execute commands as that user with the -c flag. usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/user1/.local/bin:/home/user1/binĮssentially you almost always want to make use of the ‘-‘ when using su. usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin As shown below if we switch user without specifying ‘-‘ the path or current working directory of /root are not changed, which may cause problems when user1 goes to run commands. While it is not required that the ‘-‘ be specified, it is recommended for an interactive shell. Last login: Tue Aug 30 11:29:59 AEST 2016 on pts/0Īs shown if user1 wants to switch to user2 they need the password, however root can switch to any other user without providing the password. After entering the root password, you are now the root user and anything you run during this session will be run as root.Īlternatively you can specify the user that you want to change to, which generally requires their password unless you are root. When you run su without any arguments, it will try to open up a root shell by default and will therefore prompt you for the root password to proceed. The su command allows you to swtich user and run your commands as some other user under their user ID. In order to discuss the differences, let’s first establish what each command actually does with some examples. “What is the difference between the su and sudo commands?” Is a question commonly asked to those new to *nix based operating systems that we’ll explain and answer here.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |