Fixing the "is not in the sudoers file. This incident will be reported." error on Linux

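When I was working as a personal (non-root) user and ran other commands through sudo, I was asked for the current user's password. After entering it, I got the message "admin 不在sudoers文件中,此事将被报告" (in an English locale: "admin is not in the sudoers file. This incident will be reported.").

The cause is insufficient privileges: the user has to be granted elevated privileges.

Solution:

Steps:

1. Switch to the root user first: run su root, then enter the password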

[admin@localhost ~]$ su root
密码:

 

2. Check the permissions of /etc/sudoers; if the file is read-only, make it writable

Command to view the file: ls -l /etc/sudoers

[root@localhost admin]# ll /etc/sudoers
-r--r-----. 1 root root 4355 11月 24 11:13 /etc/sudoers

 

As shown, the file is read-only.

3. Change the permissions of /etc/sudoers to add write permission

Command to change the permissions: chmod u+w /etc/sudoers

[root@localhost admin]# chmod u+w /etc/sudoers

4. Run vim to edit /etc/sudoers

Command to edit the file: "vim /etc/sudoers"

[root@localhost admin]# vim /etc/sudoers

5. Check the output

E325: 注意
发现交换文件 "/etc/.sudoers.swp"
            所有者: root    日期: Wed Nov 24 11:10:17 2021
            文件名: /etc/sudoers
            修改过: 是
            用户名: root      主机名: localhost
           进程 ID: 4637 (仍在运行)
正在打开文件 "/etc/sudoers"
              日期: Wed Nov 24 11:39:36 2021
      比交换文件新!

(1) Another program may be editing the same file.  If this is the case,
    be careful not to end up with two different instances of the same
    file when making changes.  Quit, or continue with caution.
(2) An edit session for this file crashed.
    如果是这样,请用 ":recover" 或 "vim -r /etc/sudoers"
    恢复修改的内容 (请见 ":help recovery")。
    如果你已经进行了恢复,请删除交换文件 "/etc/.sudoers.swp"
    以避免再看到此消息。

交换文件 "/etc/.sudoers.swp" 已存在!
以只读方式打开([O]), 直接编辑((E)), 恢复((R)), 退出((Q)), 中止((A)):
 

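6. Press the E key to edit the file directly

7. Use the Enter key to move down line by line until you find "Allow root to run any commands anywhere", then press the i key to start editing; the status line at the bottom will show the insert-mode indicator.

8. On the line below root ALL=(ALL) ALL, add: admin ALL=(ALL) ALL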

## Next comes the main part: which users can run what software on 
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere 
root    ALL=(ALL)       ALL
admin   ALL=(ALL)       ALL
## Allows members of the 'sys' group to run networking, software, 
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the 
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
 

9. Press the ESC key to leave insert mode, then type :wq to save and close

:wq

10. Restore the permissions of /etc/sudoers to 440

Command to restore the permissions: chmod 440 /etc/sudoers

[root@localhost admin]# chmod 440 /etc/sudoers

11. Check that the permissions of /etc/sudoers have been restored

Command to view the permissions: ll /etc/sudoers

[root@localhost admin]# ll /etc/sudoers
-r--r-----. 1 root root 4355 11月 24 11:41 /etc/sudoers

12. The permissions are back to normal; switch to the regular user

Command to switch user: su admin

[root@localhost admin]# su admin
[admin@localhost ~]$ 

13. Test the user's privileges, for example by creating a new user with sudo useradd user1

[admin@localhost  ~]$ sudo useradd user1

14. The earlier error no longer appears and the user has been created successfully. Done!
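
Added example, not part of the original article: since the file shown in step 8 already reads drop-in files from /etc/sudoers.d, the same admin rule can be installed there after visudo -c -f has checked its syntax, which leaves the mode of /etc/sudoers untouched and keeps a typo from breaking sudo. The function names sudoers_rule and grant_sudo and the VISUDO variable are made up for this example; it has to run as root.

```shell
#!/bin/sh
# Added example: grant sudo through a validated drop-in file instead of
# hand-editing /etc/sudoers. Function names and VISUDO are made up here.

# Print the rule from step 8 for one user. Names with spaces, dots or other
# special characters are rejected, so the argument cannot smuggle in extra
# sudoers syntax (sudo also skips drop-in files whose name contains a dot).
sudoers_rule() {
    case "$1" in
        ''|*[!a-z0-9_-]*|[!a-z_]*)
            echo "invalid user name: $1" >&2
            return 1 ;;
    esac
    printf '%s\tALL=(ALL)\tALL\n' "$1"
}

# grant_sudo USER [DIR]: build the rule in a temp file, let visudo check it,
# and only then install it as DIR/USER with mode 0440.
# VISUDO overrides the checker binary (assumption, useful for dry runs).
grant_sudo() {
    user=$1
    dir=${2:-/etc/sudoers.d}
    tmp=$(mktemp) || return 1
    if ! sudoers_rule "$user" > "$tmp"; then
        rm -f "$tmp"; return 1
    fi
    chmod 0440 "$tmp"
    # -c: check only, -f: check this file rather than /etc/sudoers
    if ! "${VISUDO:-visudo}" -c -f "$tmp" >/dev/null; then
        echo "syntax check failed, nothing installed" >&2
        rm -f "$tmp"; return 1
    fi
    install -m 0440 "$tmp" "$dir/$user"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Run as root, e.g.: sh grant_sudo.sh admin
if [ "$#" -gt 0 ]; then
    grant_sudo "$@"
fi
```

Afterwards, sudo -l -U admin (run as root) lists what the new rule allows.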
