To make it work, use sudo before a restricted command. The system will prompt for your password. Once provided, the system runs the command. When the sudo command is used, a timestamp is entered in the system logs. The user can run commands with elevated privileges for a short time default 15 minutes. If a non-sudo user tries to use the sudo command, it is logged as a security event. Note: Staying logged in as an administrator compromises security.
In the past, admins would use su substitute user to temporarily switch to an administrator account. For most modern Linux distributions, a user must be in the sudo , sudoers, or wheel group to use the sudo command.
By default, a single-user system grants sudo privileges to its user. A system or server with multiple user accounts may exclude some users from sudo privileges. We recommend to only grant privileges that are absolutely necessary for the user to perform daily tasks.
Add a user to the wheel group with the following command:. Replace [username] with an actual username. You may need to log in as an administrator or use the su command.
Add a user to the sudo group with the following command:. In some modern versions of Linux, users are added to the sudoers file to grant privileges. This is done using the visudo command. The sudoers file is a file Linux and Unix administrators use to allocate system rights to system users. This allows the administrator to control who does what. Remember, Linux is built with security in mind. When you want to run a command that requires root rights, Linux checks your username against the sudoers file.
The default user for the su command is root. Then you will enter the password for the root account, giving you a shell prompt where you can run any command as root. Again, this not safe. Once you are logged in as root, the system is open to vulnerabilities. However, your username must be in the sudoers file. Using -l after ls will give you a long and detailed listing.
Here is a layout of the sudoers file in Ubuntu. Your sudoers file may differ depending on the type of system you are using but should be the same genetically. See the man page for details on how to write a sudoers file. Host alias specification. User alias specification. Cmnd alias specification. Members of the admin group may gain root privileges.
Now your user account has sudo rights, or you are finally on that VIP list. Additionally, each time a user should no longer use the root account for example, an employee leaves , the system administrator will have to change the root password.
This is document amyi in the Knowledge Base. Last modified on Skip to: content search login. Knowledge Base Toggle local menu Menus About the team. Knowledge Base Search. Log in.
Options Help Chat with a consultant. Include archived documents. About Unix sudo and su commands The Unix commands sudo and su allow access to other commands as a different user. The sudo command The sudo command allows you to run programs with the security privileges of another user by default, as the superuser. To use the sudo command, at the command prompt , enter: sudo command Replace command with the command for which you want to use sudo.
0コメント