Sudo command is used to provide root access privileges to specific users. so if we want to run a root command not need to log in as root, simply log on as a user who is granted root privileges by typing sudo before running another command.
The first scenario
below, I’ll give an example, suppose a user with a name will be given privileges wise as root, so the wise user can run all the commands that can be run by root. there are several steps that must be run to set up user wise to be as root.
1. edit the file /etc/sudoers with visudo command
2. add a line of blue reply as below in the file /etc/sudoers
# User privilege specification root ALL=(ALL) ALL asep ALL=(ALL) ALL
3. save the changes.
wise users can now run commands as root. for example we run the samba, do I like this:
$ sudo /etc/init.d/smbd start
The second scenario
for example the user is given only priveleges wise to run some commands only, so not all commands can be executed by user root wise. for example, a user can execute commands wise only to display the status of the samba service only. must not stop, restart, or start. same command as above for step 1. for step 2 replaced the line to something like this:
asep ALL=(ALL) /etc/init.d/smbd status
wise if the user run a command other than that is in the file /etc/sudoers, then the notice will appear as below.
$ sudo /etc/init.d/smbd restart Sorry, user asep is not allowed to execute '/etc/init.d/smbd restart' as root on localhost. $ sudo /etc/init.d/smbd stop Sorry, user asep is not allowed to execute '/etc/init.d/smbd stop' as root on localhost.
asep user can only run the command only displays the status of samba.
$ sudo /etc/init.d/smbd status [sudo] password for calvin: Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service smbd status Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the status(8) utility, e.g. status smbd smbd start/running, process 4026
The third scenario
in order asep users do not need to enter a password when running the sudo command, then in step 2 changed to be like this
asep ALL=NOPASSWD: /etc/init.d/smbd status $ sudo /etc/init.d/smbd status Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service smbd status Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the status(8) utility, e.g. status smbd smbd start/running, process 4026
to separate commands dengang another one on writing the file in /etc/sudoers, use a comma. for example:
asep ALL=NOPASSWD: /etc/init.d/smbd status,/etc/init.d/smbd restart,/etc/init.d/smbd stop
Explanation of the sudo command syntax:
asep ALL=(ALL) ALL
[field 1] [field 2] [field 3] [field 4]
[field 1] -> user who would use sudo
[field 2] -> hostname where the computer can run the command
[field 3] -> hostname specific computer or can also be set all
[field 4] -> commands can be executed by the user using sudo
NOTE: do not forget to log into the user’s wise to first to run a sudo command and change the file /etc/ sudoers can direct effect on the PC, so no need to reboot.