关于sudoers中的admin group和sudo group

What is the difference between the 'sudo' and 'admin' group?


I noticed that two groups are granted similar-looking permissions in /etc/sudoers:

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

My user account with "Administer the system" privileges is in the admin group, and there don't appear to be any users in the sudo group. What are these two groups for?


Ubuntu 12.04 LTS and later

Administrators are added to the sudo group, but the admin group is supported for backward compatibility. From the release notes:

Up until Ubuntu 11.10, administrator access using the sudo tool was granted via the admin Unix group. In Ubuntu 12.04, administrator access will be granted via the sudo group. This makes Ubuntu more consistent with the upstream implementation and Debian. For compatibility purposes, the admingroup will continue to provide sudo/administrator access in 12.04.

It is not created when you do a fresh install, though it is still present if you upgraded from previous distributions. Either way, the admin group appears in the /etc/sudoers file.

See implementation details and the official documentation.


Ubuntu 11.10 and earlier

By default the sudo group is not used in Ubuntu:

  • the user created during installation belongs to admin group, not sudo;
  • no guide or manual I ever read advices to use the sudo group;
  • no one feels the need to use the sudo group, because the admin group can do all one needs.

Conversely, on Debian the group enabled in /etc/sudoers is the sudo group, and there is no admingroup. But the user created during installation is not put in that group, because Debian has the rootaccount enabled. You should do it explicitly, if you want to.

Also, Fedora is similar to Debian, having root enabled and no default privileges for the user create during installation. But the administrative group configured in /etc/sudoers is the more traditional groupwheel.

In conclusion, I think there is no use for sudo group in Ubuntu, simply it is a Debian heritage.


  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值