!visiblepw, always_set_home, match_group_by_gid, env_reset, env_keep="COLORS
DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR
USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION
LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC
LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS
_XKB_CHARSET XAUTHORITY", secure_path=/sbin:/bin:/usr/sbin:/usr/bin
User test may run the following commands on yxb:
(root) PASSWD: /bin/id, !/bin/w
sudo -u <用户名> <命令>
, 将允许当前用户,提权到<用户名>的身份,再执行后面的<命令>
[root@yxb ~]# sudo -u user1 id
uid=1000(user1) gid=1000(user1) 组=1000(user1),10(wheel) 环境=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
通过useradd
添加的用户,并不具备sudo
权限。在ubuntu/centos
等系统下, 需要将用户加入admin
组或者wheel
组或者sudo
组。
[test@yxb ~]$ sudo vim /etc/passwd
[sudo] password for test:
test is not in the sudoers file. This incident will be reported.
以root
用户身份执行如下命令, 将用户加入wheel/admin/sudo
组:
usermod -a -G wheel <用户名>
s