ITPub博客

linux sudo权限配置

原创 作者:清风艾艾 时间:2018-08-09 10:20:45 0 删除 编辑

    这里记录一下linux的sudo简单配置过程,备后查。

    1、root打开sudo配置文件

[root@centos ~]# visudo

    2、sudo配置项

## Next comes the main part: which users can run what software on

## which machines (the sudoers file can be shared between multiple

## systems).

## Syntax:

##

##      user    MACHINE=COMMANDS

##

## The COMMANDS section may have other options added to it.

##

## Allow root to run any commands anywhere

root    ALL=(ALL)       ALL

mysql   ALL=(ALL)       ALL  #配置mysql用户等同root用户执行的所有命令

    3、配置mysql免密执行

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)

#includedir /etc/sudoers.d

mysql localhost=(root) NOPASSWD:ALL

    4、root修改mysql的密码

[root@centos ~]# passwd mysql

    5、mysql添加mysql用户的sudo密码,sudo密码是第4部设置的mysql操作系统层的密码

-bash-4.1$ sudo uname

[sudo] password for mysql: 

Linux

-bash-4.1$

    6、查看sudo配置

[root@centos ~]# sudo -l

Matching Defaults entries for root on this host:

    requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS",

    env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT

    LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS

    _XKB_CHARSET XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

User root may run the following commands on this host:

    (ALL) ALL

[root@centos ~]# 

     7、mysql用户测试sudo是否正确

-bash-4.1$ sudo mkdir /test1

-bash-4.1$ ls -l /test1

total 0

-bash-4.1$ rm -rf /test1

rm: cannot remove `/test1': Permission denied

-bash-4.1$ sudo rm -rf /test1

-bash-4.1$ ls -l /test1

ls: cannot access /test1: No such file or directory

-bash-4.1$ 

    linux的sudo配置完成!


下一篇: 没有了~
请登录后发表评论 登录
全部评论
崇尚IT技术,热爱IT技术

注册时间:2015-01-30

  • 博文量
    154
  • 访问量
    162542