We all know that Linux provides robust security features. You can set client management policy and user permissions, so that, normal users can’t validate the essential system procedure. If you want your other users can perform such actions, you will have to use su or sudo commands.
What is ‘su’ :-
For the Linux system, su will force you to share your root password with other user.
What is ‘sudo’ :-
In Linux, sudo is a root binary set uid. It can run the root commands for approved users. Whenever users run the sudo, they will need to type their personalized password for executing the command.
To add or eliminate the listing of sudo user, you can run subsequent command
# sudo /usr/sbin/visudo
By default, sudo string might be looked as follows.
# root ALL=(ALL) ALL
How to grant Sudo access :-
It is extremely risky to grant ALL=(ALL) ALL permission to users except you know that listed users.
Root ALL=(ALL:ALL) ALL
admin ALL=(ALL:ALL) ALL
In spite of that, you can customize your sudo user more precisely by offering the limited command permission. For that, you can use the below command.
User_name Machine_name=(Effective_user) command
Subsequent are all divided components of the above line.
- User_name: Name of sudo user.
- Machine_name: Hostname of server.
- (Effective_user): Users which are allowed to execute command.
- Command: Commands or set of instructions which can sudo users perform.
Done!