Overview
Sudo stands for "superuser do". It allows authenticated users to run commands as other users. Other users can be ordinary users or super users. However, most of the time we use it to run commands with elevated privileges.
The sudo command works with security policies. The default security policy is sudoers and can be configured via the file /etc/sudoers. Its security strategy is highly scalable. People can develop and distribute their own security policies as plug-ins.
Difference with su
In GNU/Linux, there are two ways to run commands with elevated privileges:
Use the su command
Use the sudo command
Su stands for "switch user". With su, we can switch to the root user and execute the command. However, there are some drawbacks to this approach:
We need to share the root password with others.
Because the root user is a superuser, we cannot grant controlled access.
We cannot review what the user is doing.
Sudo solves these problems in a unique way.
First of all, we do not need to compromise to share the root user's password. Ordinary users can use their own passwords to execute commands with elevated privileges.
We can control the access of sudo users, which means that we can restrict users to execute only certain commands.
In addition, all the activities of the sudo user are recorded, so we can review the operation at any time. In Debian-based GNU/Linux, all activities are recorded in the /var/log/auth.log file.
The following sections of this tutorial explain these points.
Practical hands-on operation sudo
Now we have a general understanding of sudo. Let us actually operate it. For demonstration, I use Ubuntu. However, the operation of other distributions should be the same.
Allow sudo permissions
Let's add the regular user sudo user. In my case, the username is linuxtechi.
1) Edit the /etc/sudoers file as follows:
$sudo visudo
2) Add the following line to allow user linuxtechi sudo permissions:
Linuxtechi ALL=(ALL)ALL
In the above command:
Linuxtechi indicates the user name
The first ALL indicates permission to access sudo from any terminal, machine
The second (ALL) indicates that the sudo command is allowed to execute as any user
The third ALL means that all commands can be executed as root
Execute commands with elevated privileges
To execute a command with elevated privileges, just add sudo to the command as follows:
$sudo cat /etc/passwd
When you execute this command, it asks for the linuxtechi password instead of the root user's password.
Execute commands with other users
In addition, we can use sudo to execute the command as another user. For example, in the following command, the user linuxtechi executes the command as user devesh:
$sudo -udevesh whoami
[sudo]password forlinuxtechi:
Devesh
Built-in command behavior
One of the limitations of sudo is that it cannot use the shell's built-in commands. For example, the history record is a built-in command. If you try to execute this command with sudo, you will be prompted with the following command not found error:
$sudo history
[sudo]password forlinuxtechi:
Sudo: history: command notfound
Access the root shell
To overcome the above problem, we can access the root shell and execute any commands there, including the shell's built-in commands.
To access the root shell, execute the following command:
$sudo bash
After executing this command - you will observe that the prompt changes to a hash sign (#).
skill
In this section we will discuss some useful tips that will help increase productivity. Most commands can be used to complete daily tasks.
Execute previous commands as sudo user
Let's assume that you want to execute the previous command with elevated privileges, then the following tips will be useful:
$sudo !4
The above command will use the elevated privilege to execute the fourth command in the history.
Use sudo command in Vim
Most of the time, when we edited the system's configuration file, we realized at save time that we needed root access to do this. Because this may cause us to lose our changes to the file. There is no need to panic, we can use the following command in Vim to solve this situation:
:w !sudo tee %
In the above command:
A colon (:) indicates that we are in Vim's exit mode
The exclamation point (!) indicates that we are running a shell command
Both sudo and tee are shell commands
Percent sign (%) indicates all lines starting from the current line
Use sudo to execute multiple commands
So far we have used sudo to execute only a single command, but we can use it to execute multiple commands. Just separate the commands with semicolons (;) as follows:
$sudo -- bash -c'pwd; hostname; whoami'
In the above command
Double hyphen (--) Stops command line switching
Bash indicates the name of the shell to use to execute the command
The -c option is followed by the command to be executed
Run sudo command without password
When the sudo command is executed for the first time, it prompts for a password. By default, the password is cached for 15 minutes. However, we can avoid this operation and use the NOPASSWD keyword to disable password authentication as follows:
Linuxtechi ALL=(ALL)NOPASSWD: ALL
Restrict users from executing certain commands
To provide controlled access, we can restrict sudo users from executing only certain commands. For example, the following line only allows execution of the echo and ls commands.
Linuxtechi ALL=(ALL)NOPASSWD: /bin/echo /bin/ls
Learn more about sudo
Let's dive deeper into the sudo command.
$ls -l /usr/bin/sudo
-rwsr-xr-x1root root145040Jun13 2017 /usr/bin/sudo
If you carefully observe the file permissions, you find that the setuid bit is enabled on sudo. When any user runs this binary, it will run with the user's authority to own the file. In the scenario shown, it is the root user.
To demonstrate this, we can use the id command as follows:
$id
Uid=1002(linuxtechi)gid=1002(linuxtechi)groups=1002(linuxtechi)
When we do not use sudo to execute the id command, the id of the user linuxtechi is displayed.
$sudo id
Uid=0(root)gid=0(root)groups=0(root)
However, if we use sudo to execute the id command, the root user's id is displayed.
in conclusion
As you can see from this article, sudo provides more controlled access for the average user. With these technologies, multiple users can interact with GNU/Linux in a secure manner.
After reading this article have a harvest? Everyone can leave a message area to interact with us.
·Basic precautions
Do not put expensive oil into low-quality cartridges to avoid wastage. Most pre-filled oil cartridges have the so-called 510 thread. The oil cartridge screws onto a rechargeable battery. Some of these batteries have buttons and some heat up automatically when you pump the oil. Some batteries have multiple temperature settings and some heat up to a preset temperature; these features need to be known in advance.
·Cleaning notes
Use a suitable cleaning tool to clean them, such as activated charcoal or dried tea leaves in a used pipe to absorb the oil. It is important not to use alcohol or other boiling water to clean the pipe, and to wait until it has cooled down completely before cleaning. Otherwise, the hot stem will come into contact with the watery liquid and cause the mouthpiece tenon to loosen, thus shortening the life of the 510 cartridges.
This is what you should be aware of when using 510 cartridges. At the same time, when using 510 cartridges, there are still some vaping tips, for example, when using them, be careful not to suck too hard, will not produce smoke. When you inhale too hard, the smoke is sucked directly into your mouth and not atomized by the atomizer, so gently inhaling is more powerful and gives you a better vaping experience.
510 Cartridge Oem,Leakproof 510 Cartridge,510 Battery And Cartridges Oem,510 Cartridge
Shenzhen MASON VAP Technology Co., Ltd. , https://www.disposablevapepenfactory.com