Jun 272012
 
Article Server Administration

Even if you are a Linux system administrator that can start an interactive session as root user, it is not a good practice to do so, because any error in typing a command can have catastrophic consecuences.

It is preferable to connect instead as a non-privileged user, that can perform the most common server administration tasks, and connect as root only when it is really needed.

Besides, in linux distros such as Ubuntu and Debian there is a ‘sudo’ command that used as a prefix of another command allows non-privileged users to run command that require root privileges.

To start using  ‘sudo’ we install first the corresponding package:

The installation creates a file  ‘/etc/sudoers’ that must be edited to allow the use of this utility to specific users. The default content of this file is:

We can grant to the user ‘simpleuser’ permission to run privileged command by means of ‘sudo’ by adding to the end of the ‘sudoers’  file the line:

With the addition of  “NOPASSWD:”, we avoid that the system requests the password of ‘simpleuser’ each time the sudo command is used.

Once our server is configured as explained, the system administrator can connect as ‘simpleuser’ on a regular basis. Whenever a command that requires privileges has to be executed, it is enough to prefix the command with ‘sudo’. For instance:

And that’s it!

Now, the system administrator can work with much less risk of having an unfortunate incident.

 

 Posted by at 2:04 pm

 Leave a Reply

(required)

(required)