sudo allows a system administrator to delegate authority to give certain users—or groups of users—the ability to run commands as root or another user while providing an audit trail of the commands and their arguments. It plays a vital role in user controlling.

The default configuration file is /etc/sudoers.

In default, this file will include one folder located in /etc/sudoers.d/ .

#includedir /etc/sudoers.d

You can also edit some file in /etc/sudoers.d/ to make the managing easier.

The syntax of the configuration file is pretty easy.

USER_NAME HOST_NAME=(TARGET_USER_NAME) [NOPASSWD: ] COMMAND_0, COMMAND_1, ..., COMMAND_N

We can simply replace USER_NAME, HOST_NAME, TARGET_USER_NAME, commands using 'ALL', which will drop the limitation.

USER_NAME can also replaced as '%GROUP_NAME' to give all the users in one group a few special permissions.

If you are supposed to invoke one user all the special permissions without password, the follow command could helps

echo "$(whoami) ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$(whoami)

sudo in docker

sudoer may not installed in default in some docker images. You are supposed to install it first.

If you are using CentOS, you can simple install it using command:

yum install sudo -y

If you are using Fedora, the command could be changed to:

dnf install sudo -y

Notice

sudoer file is very fragile! Don't leave your root session before your modification is proved to be correct!

Categories: Code

Yu

Ideals are like the stars: we never reach them, but like the mariners of the sea, we chart our course by them.

Leave a Reply

Your email address will not be published.