|
Getting your Trinity Audio player ready...
|
Table of Contents
Linux SUDO Management
Let`s discuss privilege user management in linux in detail. All unix linux admins must be familiar with vi editor. We always recommend not to use vi directly to edit sudoers file. We should be using visudo always while granting privilege access to any user mostly pronounced as SUDO. That is exactly abbreviation of super user do i.e., what super user can do in other terms privilege for a user to perform role of super user.
This is very sensitive file and must be taken very seriously as whole organization including individuals or service ID using this in case of centralized sudoers management environment.
Step by Step Guide for Privilege User Management in Linux
Perform Syntax Inconsistency Check
If you have no inconsistencies in sudoers file, you will get “parsed OK” else you will get “parse error “. Please see below output.
# visudo -cf /etc/sudoers /etc/opt/sudo/sudoers file "parsed OK"
# visudo -cf /etc/sudoers >>> sudoers file: syntax error, line 2815 <<< "parse error" in /etc/sudoers near line 2815
Take a backup of sudoers file before edit.
# cp -p /etc/sudoers /etc/sudoers.YYMMDD_ID
Edit sudoers
Always use visudo to edit sudoers. Please try avoiding force saving. visudo will pick sudoers file to edit.
#visudo
Perform Syntax Inconsistency Check
Use step 1 and it must be parsed OK state after change as well.
Restore From Backup
If needed restore immediately from backup taken in step 2 only if needed or validation fails in step 4.
How To Validate SUDO Access For You On Any Linux Server
$ sudo -l Passwd:<Enter Your Password> Output is truncated for clarity. User ramesh may run the following commands. on lnxsrv01:(ALL) ALL
How To Validate SUDO Access For Anyone Else On Any Linux Server
# sudo -l -U prasad Passwd:<Enter Your Password> Matching Defaults entries for prasad on lnxsrv01: User prasad may run the following commands on lnxsrv01: (ALL) ALL (root) /bin/su - oracle
Conclusion
That`s all about Privilege User Management in Linux .Above details will be sufficient for efficient privilege access management. For more details you can visit how to add a user to sudoers in linux.
