Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Linux Administration Cookbook

You're reading from   Linux Administration Cookbook Insightful recipes to work with system administration tasks on Linux

Arrow left icon
Product type Paperback
Published in Dec 2018
Publisher Packt
ISBN-13 9781789342529
Length 826 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Adam K. Dean Adam K. Dean
Author Profile Icon Adam K. Dean
Adam K. Dean
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Introduction and Environment Setup 2. Remote Administration with SSH FREE CHAPTER 3. Networking and Firewalls 4. Services and Daemons 5. Hardware and Disks 6. Security, Updating, and Package Management 7. Monitoring and Logging 8. Permissions, SELinux, and AppArmor 9. Containers and Virtualization 10. Git, Configuration Management, and Infrastructure as Code 11. Web Servers, Databases, and Mail Servers 12. Troubleshooting and Workplace Diplomacy 13. BSDs, Solaris, Windows, IaaS and PaaS, and DevOps 14. Other Books You May Enjoy

Quick sudo explanation

In the various commands that were given in the preceding recipe, we used sudo repeatedly. This was so that we didn't have to log in as the root user to perform various restricted actions.

sudo is a contraction of 'superuser do' because sudo used to be used for running commands as the "superuser" only, nowadays you can use it to run commands as various users. 

Generally, if you attempt to run a command that you lack permissions to complete successfully, you'll be greeted with an error:

$ less /etc/sudoers 
/etc/sudoers: Permission denied

Here, I tried to have a look at the /etc/sudoers file, which also happens to be the file that determines a user's sudo privileges.

Running this command with sudo is a different story. Instead, it opens the file for me, dropping me into the less pager.

Toward the bottom of this file, we find the following block:

## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL

The wheel portion of this block is uncommented, and the text above that tells us what that means.

So, the obvious next question is, am I in the wheel group?

The term wheel has ancient origins in old-school UNIX installations. These, days it might be called admin or other. CentOS keeps it classic by using wheel.

Thankfully, this is very easy to check – the file in question is always in the same place: /etc/group.

Here, we print the contents of the group file to our screen, and look specifically for wheel.

We see the following layout:

group_name:password:GID:user_list

We can see that the group_name is wheel, the password is a lower x, which means that shadow passwords are being used, the group ID is 10, and the only user in this group is myself:

$ sudo cat /etc/group | grep wheel
wheel:x:10:adam

We can even do this with a single word, that being the groups command, which prints the groups that your current user is a member of:

$ groups
adam wheel

Being granted the ability to run superuser commands with sudo isn't the immediate right of everyone on the system, and it's up to the individual company and administration team to decide how that power is distributed.

There are places where everyone in operations has the power of sudo, and places where one person has that power.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime