Birmingham mumbai



Download 15,21 Mb.
Pdf ko'rish
bet99/482
Sana13.01.2022
Hajmi15,21 Mb.
#355107
1   ...   95   96   97   98   99   100   101   102   ...   482
Bog'liq
Mastering Ubuntu Server Gain expertise in the art of deploying, configuring, managing, and troubleshooting Ubuntu Server by Jay LaCroix (z-lib.org)

[
 67 
]
So 
visudo
 allows you to make changes to who is able to access 
sudo
. But how do you 
actually make these changes? Go ahead and scroll through the 
/etc/sudoers
 file that 
visudo
 opens and you should see a line similar to the following:
%sudo   ALL=(ALL:ALL) ALL 
This is the line of
 configuration that enables 
sudo
 access to anyone who is a member 
of the 
sudo
 group. You can change the group name to any that you'd like, for 
example, perhaps you'd like to create a group called 
admins
 instead. If you do change 
this, make sure that you actually create that group and add yourself and your staff to 
be members of it before you edit the 
/etc/sudoers
 file or log off; it would be rather 
embarrassing if you found yourself locked out of administrator access to the server.
Of course, you don't have to enable access by group. You can actually call out a 
username instead. With the 
/etc/sudoers
 file, groups are preceded by 
%
, while users 
are not. As an example of this, we also have the following line in the file:
root    ALL=(ALL:ALL) ALL 
Here, we're calling out a username (in this case, 
root
), but the rest of the line is the 
same as the one I pointed out before. While you can certainly copy this line and paste 
it one or more times (substituting 
root
 for a different username) to grant access to 
others, using the group approach is really the best way. It's easier to add and remove 
users from a group (such as the 
sudo
 group) than it is to use 
visudo
 each time.
So, at this point, you're probably wondering what the options on 
/etc/sudoers
 
configuration lines actually mean. So far, both examples used 
ALL=(ALL:ALL) All

In order to fully understand 
sudo
, understanding the other fields is extremely 
important, so let's go through them (using the 
root
 line again as an example).
The first 
ALL
 means that 
root
 is able to use 
sudo
 from any terminal. The second 
ALL
 
means that 
root
 can use 
sudo
 to impersonate any other user. The third 
ALL
 means 
that 
root
 can impersonate any other group. Finally, the last 
ALL
 refers to what 
commands this user is able to do; in this case, any command he or she wishes.
To help drive this home, I'll give some additional examples. Here's a hypothetical 
example:
charlie    ALL=(ALL:ALL) /sbin/reboot,/sbin/shutdown 


Managing Users and Permissions

Download 15,21 Mb.

Do'stlaringiz bilan baham:
1   ...   95   96   97   98   99   100   101   102   ...   482




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish