1.使用sudo service iptables status命令时报告没有权限:
[tansheng@localhost ~]$ sudo service iptables status
[sudo] password for tansheng:
tansheng 不在 sudoers 文件中。此事将被报告。
[tansheng@localhost ~]$
2.从网上搜索得知需要修改/etc/sudoers文件,但是该文件对root用户都只有只读权限,后来查到linux已经预留了专门的命令visudo来编辑该文件:
[tansheng@localhost ~]$ visudo
visudo:/etc/sudoers:权限不够
visudo:/etc/sudoers:权限不够
[tansheng@localhost ~]$ su - root
密码:
-bash: EDITOR: command not found
[root@localhost ~]# visudo
visudo:/etc/sudoers.tmp 未更改
[root@localhost ~]#
3.在切换到root用户下,用visudo编辑/etc/sudoers文件,加入一行:tansheng ALL=(ALL) ALL
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL ## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS ## Allows people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
tansheng ALL=(ALL) ALL
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL ## Allows members of the users group to mount and unmount the
## cdrom as root
4.一切ok,tansheng用户可以使用sudo命令了
[root@localhost ~]# su - tansheng
[tansheng@localhost ~]$ sudo service sshd status
[sudo] password for tansheng:
openssh-daemon (pid ) 正在运行...
[tansheng@localhost ~]$