≡ Menu

Sudo command in Ubuntu Tutorial

Sudo command is used to provide root access privileges to specific users. so if we want to run a root command not need to log in as root, simply log on as a user who is granted root privileges by typing sudo before running another command.

The first scenario

below, I’ll give an example, suppose a user with a name will be given privileges wise as root, so the wise user can run all the commands that can be run by root. there are several steps that must be run to set up user wise to be as root.

1. edit the file /etc/sudoers with visudo command

# visudo

2. add a line of blue reply as below in the file /etc/sudoers

# User privilege specification
root ALL=(ALL) ALL
asep ALL=(ALL) ALL

3. save the changes.
wise users can now run commands as root. for example we run the samba, do I like this:

$ sudo /etc/init.d/smbd start

The second scenario

for example the user is given only priveleges wise to run some commands only, so not all commands can be executed by user root wise. for example, a user can execute commands wise only to display the status of the samba service only. must not stop, restart, or start. same command as above for step 1. for step 2 replaced the line to something like this:

asep ALL=(ALL) /etc/init.d/smbd status

wise if the user run a command other than that is in the file /etc/sudoers, then the notice will appear as below.

$ sudo /etc/init.d/smbd restart
Sorry, user asep is not allowed to execute '/etc/init.d/smbd restart' as root on localhost.

$ sudo /etc/init.d/smbd stop
Sorry, user asep is not allowed to execute '/etc/init.d/smbd stop' as root on localhost.

asep user can only run the command only displays the status of samba.

$ sudo /etc/init.d/smbd status
[sudo] password for calvin:
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service smbd status

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the status(8) utility, e.g. status smbd
smbd start/running, process 4026

The third scenario

in order asep users do not need to enter a password when running the sudo command, then in step 2 changed to be like this

asep ALL=NOPASSWD: /etc/init.d/smbd status

$ sudo /etc/init.d/smbd status
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service smbd status

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the status(8) utility, e.g. status smbd
smbd start/running, process 4026

to separate commands dengang another one on writing the file in /etc/sudoers, use a comma. for example:

asep ALL=NOPASSWD: /etc/init.d/smbd status,/etc/init.d/smbd restart,/etc/init.d/smbd stop

Explanation of the sudo command syntax:

asep ALL=(ALL) ALL
[field 1] [field 2] [field 3] [field 4]

Explanation:

[field 1] -> user who would use sudo
[field 2] -> hostname where the computer can run the command
[field 3] -> hostname specific computer or can also be set all
[field 4] -> commands can be executed by the user using sudo

NOTE: do not forget to log into the user’s wise to first to run a sudo command and change the file /etc/ sudoers can direct effect on the PC, so no need to reboot.

{ 0 comments… add one }

Leave a Comment

CAPTCHA
*