Sudo :
Best explanation is the man page itself:
“sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file. The real and effective uid and gid are set to match those of the target user as specified in the passwd file (the group vector is also initialized when the target
user is not root). By default, sudo requires that users authenticate themselves with a password (NOTE: by default this is the user’s pass- word, not the root password). Once a user has been authenticated, a timestamp is updated and the user may then use sudo without a password
for a short period of time (5 minutes unless overridden in sudoers).
sudo determines who is an authorized user by consulting the file /etc/sudoers. By giving sudo the -v flag a user can update the time stamp without running a command. The password prompt itself will also time out if the user’s password is not entered within 5 minutes (unless
overridden via sudoers).”
What this says is that sudo is used / can be used, by administrator (root ), to grant
execute permissions to specific users. For example, users can be granted to execute
the mount command, which is by default only executable by root. The benefit of
using sudo is that you don't have to mess with the setuid or setgid bits of the target
program, e.g. Mount . Rather you just mention the user or group in the
/etc/sudoers file and that is it. Users can use sudo command along mount
command to get their work done.
The /etc/sudoers file is quite easy to understand. But remember you have to
edit it NOT with vi. You have to use visudo command.
[root@mainserver / ]# visudo
Assume you want to give cdrom mount and unmount ability to the group named
students along the ability to shutdown the local machine.
You would add the following lines to the /etc/sudoers file.
[root@mainserver / ]# visudo
%students ALL=/bin/mount /dev/cdrom,/bin/umount /mnt/cdrom
%students localhost=/sbin/shutdown -h now
Now the users (members of group students) would use the sudo command to mount
various file systems.
[root@mainserver / ]# sudo mount /dev/cdrom /mnt/cdrom
[root@mainserver / ]#
skip to main |
skip to sidebar
Support The Linux, Linux Server, Squid, Webserver, dhcp server, smba, print, Mrtg
Pages
Blog Archive
Free IT Support
Forex Trading
Copyright (c) 2011 Linux Specialist.
Designed by Wordpress Templates