debian:~# apt-get install sudo
/etc/sudoers
# /etc/sudoers # # This file MUST be edited with the 'visudo' command as root. # # See the man page for details on how to write a sudoers file. # Defaults env_reset # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL) ALL # Uncomment to allow members of group sudo to not need a password # (Note that later entries override this, so you might need to move # it further down) %sudo ALL=NOPASSWD: ALL
sudo group
neo@debian:/etc/mysql$ cat /etc/group | grep 'sudo' sudo:x:27:neo
ubuntu NOPASSWD sudo的時候不需要輸入密碼
組
%admin ALL=(ALL)ALL 改為 %admin ALL=(ALL) NOPASSWD: NOPASSWD: ALL
用戶
www localhost=NOPASSWD: /bin/cat, /bin/ls
命令前面加‘!’可以禁止用戶運行該命令
neo ALL = (root) /bin/mount, /bin/umount, !/bin/mount /data0 dba ALL = /bin/mount /u0[1-5], /bin/umount /u0[1-5]
Cmnd_Alias 定義命令別名
Cmnd_Alias WEBMASTER = /srv/nginx/sbin/nginx, /srv/php/sbin/php-fpm, !/srv/mysql/bin/mysql www localhost = NETWORKING, SERVICES, DELEGATING, PROCESSES, WEBMASTER