The sudo command allows users to do tasks on a Linux system as another user.
Sudo is more secure then su command.
Log files : /var/log/secure (Red Hat/Fedora / CentOS Linux)
/var/log/auth.log (Ubuntu / Debian Linux).
So we can get the details using above log files that which user has perform which task or command using sudo or as privilage user.
Below is the general syntax for /etc/sudoers file
USER HOSTNAME=COMMAND
Use of Sudo :
1) #visudo
2 )Enter this line in open file sanjay localhost=/sbin/reboot
3 ) Save the file
4 ) Now user sanjay can reboot the server using below command
# sudo /sbin/reboot
You can see the information of this user in /var/log/auth.log or /var/log/secure file
Examples :
1) Specify multiple commands for user Sanjay:
Sanjay ALL=/sbin/reboot, /etc/init.d/apache2 , /etc/init.d/mysql
2) Allow user Sanjay to run /sbin/reboot without any password
Sanjay ALL= NOPASSWD: /sbin/reboot
3) Allow user sanjay to run any command from /usr/bin directory on the localhost:
sanjay localhost = /usr/bin/*
No comments:
Post a Comment