我在使用个人用户(非root用户)时,在执行其他命令时,使用sudo命令来执行的时候,需要验证当前用户的密码,输入了之后,提示“admin 不在sudoers文件中,此事将被报告”
分析原因,主要是权限不够,需要提升权限。
解决方法:
步骤:
1、先切换至root用户,输入命令:su root
,然后输入密码
[admin@localhost ~]$ su root
密码:
2、查看 /etc/sudoers
文件权限,如果只读权限,修改为可写权限
输入查看文件命令:ls –l /etc/sudoers
[root@
localhostadmin]# ll /etc/sudoers
-r--r-----. 1 root root 4355 11月 24 11:13 /etc/sudoers
由此可看,该文件为只读权限
3、设置 /etc/sudoers
文件权限,添加 可写权限
输入修改权限命令:chmod u+w /etc/sudoers
[root@
localhostadmin]# chmod u+w /etc/sudoers
4、执行vim命令,编辑/etc/sudoers
文件,
输入编辑文件命令:"vim /etc/sudoers"
[root@localhost admin]# vim /etc/sudoers
5、查看打印内容
E325: 注意
发现交换文件 "/etc/.sudoers.swp"
所有者: root 日期: Wed Nov 24 11:10:17 2021
文件名: /etc/sudoers
修改过: 是
用户名: root 主机名: localhost
进程 ID: 4637 (仍在运行)
正在打开文件 "/etc/sudoers"
日期: Wed Nov 24 11:39:36 2021
比交换文件新!(1) Another program may be editing the same file. If this is the case,
be careful not to end up with two different instances of the same
file when making changes. Quit, or continue with caution.
(2) An edit session for this file crashed.
如果是这样,请用 ":recover" 或 "vim -r /etc/sudoers"
恢复修改的内容 (请见 ":help recovery")。
如果你已经进行了恢复,请删除交换文件 "/etc/.sudoers.swp"
以避免再看到此消息。交换文件 "/etc/.sudoers.swp" 已存在!
以只读方式打开([O]), 直接编辑((E)), 恢复((R)), 退出((Q)), 中止((A)):
6、按e键,直接编辑
7、利用 回车键
换行,找到 Allow root to run any commands anywhere
,按i
键开始编辑,下面的指令会出现插入
的字样。
8、在root ALL=(ALL) ALL
的下一行添加代码:admin ALL=(ALL) ALL
## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
admin ALL=(ALL) ALL
## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
9、按 ESC
键退出插入模式,然后 键盘输入 :wq
关闭并保存
## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
admin ALL=(ALL) ALL
## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d:wq
10、恢复 /etc/sudoers
的权限为440
输入回复权限的命令:chmod 440 /etc/sudoers
[root@localhost admin]# chmod 440 /etc/sudoers
11、查看/etc/sudoers
的权限是否恢复
输入查看权限命名:ll /etc/sudoers
[root@localhost admin]# ll /etc/sudoers
-r--r-----. 1 root root 4355 11月 24 11:41 /etc/sudoers
12、权限恢复正常,切换至普通用户
输入切换用户命令:su
admin
[root@localhost admin]# su admin
[admin@localhost ~]$
13、测试该用户的权限,我们可以使用命令 sudo useradd user1
来创建新用户
[admin@localhost ~]$ sudo useradd user1
14、此时已经没有了先去的报错,用户也已经创建成功,大功告成!!!