linux中sudo命令

sudo or superuser do is a utility used on Linux, BSD, and Unix systems that provides the running command with root or Administrator privileges. Not every user needs to have root privileges but in some cases needs to run commands with root privileges. We can use sudo to run some specific or all provided commands and edit files with the root privileges.

sudo或superuser do是在Linux，BSD和Unix系统上使用的实用程序，它为运行的命令提供root或Administrator特权。 并非每个用户都需要具有root特权，但是在某些情况下，需要以root特权运行命令。 我们可以使用sudo运行某些特定的或所有提供的命令，并以root特权编辑文件。

sudo配置文件sudoers (sudo Configuration File sudoers)

sudo command is configuration is stored /etc/sudoers file. This file can be only viewed and edit with root privileges. We can edit this just with visudo command like below.

sudo命令是配置存储在/etc/sudoers文件中。 只能使用root特权查看和编辑此文件。 我们可以使用visudo命令来编辑它，如下所示。

$ sudo visudo

We can see that there is a different part of the sudoers configuration file where default values, user and group privileges are provided.

我们可以看到sudoers配置文件的不同部分提供了默认值，用户和组特权。

配置语法 (Configuration Syntax)

We can use the following syntax in order to create a sudo configuration about the given user or group.

我们可以使用以下语法来创建有关给定用户或组的sudo配置。

USER HOSTLIST=(USERLIST) COMMANDLIST

• USER is the user who can run the given command on the given host
  USER是可以在给定主机上运行给定命令的用户
• HOSTLIST is the hosts where given commands can be run
  HOSTLIST是可以运行给定命令的主机
• COMMANDLIST is the commands can be run. Multiple commands can be delimited with the comma.
  COMMANDLIST是可以运行的命令。 多个命令可以用逗号分隔。

指定要运行Sudo命令的用户 (Specify A User To Run Sudo Command)

We can add a user to run a specific command with root privileges. In this example, we will add user ismail to run command visudo with root privileges.

我们可以添加一个用户以root权限运行特定的命令。 在此示例中，我们将添加用户ismail以root特权运行命令visudo 。

ismail ALL=(ALL:ALL) /usr/sbin/visudo

无密码Sudo命令(Passwordless Sudo Command)

We can provide sudo command to the given user without any password. We will use NOPASSWD configuration like below which will disable password for the user ismail.

我们可以在没有任何密码的情况下向给定用户提供sudo命令。 我们将使用如下所示的NOPASSWD配置，它将禁用用户ismail密码。

ismail ALL=NOPASSWD:/usr/sbin/visudo

列出可用命令 (List Available Commands)

We can list available commands with the -l option which will list currently used root privileged commands the current user can execute.

我们可以使用-l选项列出可用的命令，该选项将列出当前用户可以执行的当前使用的root特权命令。

$ sudo -l

以root权限运行命令(Run Command with Root Privileges)

In this example, we will run commands with root privileges by using sudo command. We will run ls command in the /root directory which is completely owned by root and only used by the root user.

在此示例中，我们将使用sudo命令以root特权运行命令。 我们将在/root目录中运行ls命令，该目录完全由root拥有，并且仅由root用户使用。

$ sudo ls /root

使用根权限编辑文件 (Edit File with Root Privileges)

We also edit files with the root privileges by using sudo command. We will edit the /etc/passwd file with the vim command like below.

我们还使用sudo命令以root特权编辑文件。 我们将使用vim命令编辑/etc/passwd文件，如下所示。

$ sudo vim /etc/passwd

sudo和su之间的区别(Difference Between sudo and su)

su command is used to login as root user on the other side sudo command just runs given command as root in the current user sessions. While running sudo command the user name will be also logged but with the sudo command just the root user name will be logged. The best way to

su命令用于在另一侧以root用户身份登录sudo命令仅在当前用户会话中以root用户身份运行给定命令。 在运行sudo命令时，还将记录用户名，但是使用sudo命令将仅记录root用户名。 最好的方法

翻译自: https://www.poftut.com/what-is-sudo-command-in-linux/

linux中sudo命令