Sudo is used for providing access of root ( Super admin ) commands to non root users. For example, As an administrator you want to provide access to restart web server to user nick, but he cannot make any changes to its configuration. You can provide sudo access to user nick to do it.
To edit sudo configuration file use below command.
Above command will open /etc/sudores file in editor. This file is main configuration file for sudo. In sudores file you will get below entry, which provides user root to do anything
root ALL=(ALL) ALL
Command Syntax in /etc/sudores File
The format of /etc/sudores is as below
user host:runas command
- user – Name of user, Use % sign to specify a group name like %webadmins
- host – Computer hostnames
- runas – User for run as, common options are used root or ALL
- command – One or more root level command
Provide Access to a User
Now if you want to provide web server reboot privileges to user nick, add below configuration in sudores file
nick ALL=(root) NOPASSWD: /etc/init.d/httpd restart
NOPASSWD means no verification is required if you leave this out, nick will have to re enter his own password. Now user nick can restart web server using following command.
# sudo /etc/init.d/httpd restart
Provide Access to a Group
If you want to provide a root command access to group named webadmins, to restart web server, add below line in configuration file.
%webadmins ALL=(root) /etc/init.d/httpd restart