08月
09

发表于 字数统计 8543 89 人看爆

装好Fedora14之后,在用sudo时提示”xxx is not in the sudoers file. This incident will be reported.其中XXX是你的用户名,也就是你的用户名没有权限使用sudo,我们只要修改一下/etc/sudoers文件就行了。下面是修改方 法:

  • 进入超级用户模式。也就是输入”su -“,系统会让你输入超级用户密码,输入密码后就进入了超级用户模式。(当然,你也可以直接用root用)
  • 添加文件的写权限。也就是输入命令”chmod u+w /etc/sudoers”。
  • 编辑/etc/sudoers文件。也就是输入命令
    vim /etc/sudoers 输入”i”进入编辑模式,找到这一 行root ALL=(ALL) ALL 在起下面添加xxx ALL=(ALL) ALL(这里的xxx是你的用户名),然后保存(就是先按一 下Esc键,然后输入”:wq”)退出。
  • 撤销文件的写权限。也就是输入命令chmod u-w /etc/sudoers

至此,问题解决。

*************************************************

下面为大家分享下其它网友的补充:

[WinJay@WinJay ~]$ sudo yum install libstdc++.so.6

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

[sudo] password for Jeffery:
WinJay 不在 sudoers 文件中。此事将被报告。

以上是操作时报的错误 google后知道需要修改配置文件,就可以了。。

=============================================
以下操作要切换到root用户下进行操作
=============================================
[root@WinJay WinJay]# vi /etc/sudoers
## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the ‘visudo’ command.

## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhaps using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias FILESERVERS = fs1, fs2
# Host_Alias MAILSERVERS = smtp, smtp2

## User Aliases
## These aren’t often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file – just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem

## Command Aliases
## These are groups of related commands…

## Networking
# Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
# Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
# Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database
# Cmnd_Alias LOCATE = /usr/bin/updatedb

## Storage
# Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Delegating permissions
# Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## User Aliases
## These aren’t often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file – just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem

## Command Aliases
## These are groups of related commands…

## Networking
# Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
# Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
# Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database
# Cmnd_Alias LOCATE = /usr/bin/updatedb

## Storage
# Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
# Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## Processes
# Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
# Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification

#
# Disable “ssh hostname sudo “, because it will show the password in clear.
# You have to run “ssh -t hostname sudo “.
#
Defaults requiretty
#
# Refuse to run if unable to disable echo on the tty. This setting should also be
# changed in order to be able to use sudo without a tty. See requiretty above.
#
Defaults !visiblepw

#
# Preserving HOME has security implications since many programs
# use it when searching for configuration files. Note that HOME
# is already set when the the env_reset option is enabled, so
# this option is only effective for configurations where either
# env_reset is disabled or HOME is present in the env_keep list.
#
Defaults always_set_home

Defaults env_reset
Defaults env_keep = “COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS”
Defaults env_keep += “MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE”
Defaults env_keep += “LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES”
Defaults env_keep += “LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE”
Defaults env_keep += “LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY”

#
# Adding HOME to env_keep may enable a user to run unrestricted
# commands via sudo.
#
# Defaults env_keep += “HOME”

Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##

## Allow root to run any commands anywhere
root ALL=(ALL) ALL

## Allows members of the ‘sys’ group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
WinJay ALL=(ALL) ALL

## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d

添加完成后,退出即可。

♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

我用的是Ubuntu 12.04,在一般用户下执行sudo命令提示Nagios is not in the sudoers file. This incident will be reported.

解决方法 :

一、$whereis sudoers -------找出文件所在的位置,默认都是/etc/sudoers

sudoers: /etc/sudoers.d /etc/sudoers /usr/share/man/man5/sudoers.5.gz(我这里找到三个文件位置)

二、 #chmod u+w /etc/sudoers

以超级用户登录su -root ,修改文件权限即添加文件拥有这的写权限限,ls -al /etc/sudoers 可以查看原文件的权限。


三、vim /etc/sudoers 编辑文件,在root ALL=(ALL)ALL行下添加XXX ALL=(ALL)ALL,XXX为你的用户名。添加方法:找到root行,按下”i“键进入编辑模式添加即可!编辑好后esc键进入一般模式, “:wq”保存退出!
最后, #chmod u-w /etc/sudoers 回到文件的原权限!

在 ubuntu中由于禁用了root用户,默认情况下会把安装系统时建立的用户添加到sudoers中。但在redhat和centos中并没有把任何 root用户之外的用户默认的添加到sudoers之中。这样我们在执行sudo 命令时就会出现xxx is not in the sudoers file. This incident will be reported.这样的错误输出。现在为了安全起见比较提倡使用普通用户做日常操作,而在需要超级用户的时候使用sudo 来做,这样,我们就有必要把一些用户添加到sudoers之中。
其实把用户添加到sudoers之中很简单。
首先利用whereis 命令查找sudoers配置文件的目录(默认会在/etc/sudoers)
[root@Nagios]# whereis sudoers
sudoers: /etc/sudoers /etc/sudoers.bak /usr/share/man/man5/sudoers.5.gz
然后需要切换到root用户,更改/etc/sudoers的权限
[root@Nagios]# chmod u+w /etc/sudoers
然后就可以利用vi编辑器来把用户添加到sudoers之中
[root@Nagios]# vi /etc/sudoers
然后找到root ALL=(ALL:ALL) ALL 所在的位置,把所要添加的用户添加到文件之中,

顺便提一下vi编辑器的用法。刚进入vi编辑器的时候牌命令行模式,这时可以通过方向键来移动光标,找到要编辑的位置之后按下“i”,然后就进入了插入模 式,这时候你可以输入或删除字符。编辑完成之后按“esc”键退出插入模式,进入命令行模式,这时候按“:”可以进入末行模式,输入“wq”保存并退出。

下面是添加完的结果。
# User privilege specification
root ALL=(ALL:ALL) ALL
nagios ALL=(ALL:ALL) ALL (这一行是添加的内容,nagios是我的用户名)
# Members of the admin group may gain root privileges
min ALL=(ALL) ALL
………………….


然后需要把sudoers 的写权限去掉(否则系统不允许执行suoders文件):
[root@Nagios]# chmod u-w /etc/sudoers
至此,在退出root用户之后就可以利用sudo命令来执行超级用户的权限了。

分享到: