用户XXX不在 sudoers 文件中
用户XXX不在 sudoers 文件中。此事将被报告|XXX is not in the sudoers file’ date: ‘2012-08-09T15:01:33+08:00
装好Fedora14之后,在用sudo时提示”xxx is not in the sudoers file. This incident will be reported.其中XXX是你的用户名,也就是你的用户名没有权限使用sudo,我们只要修改一下/etc/sudoers文件就行了。下面是修改方 法:
-
进入超级用户模式。也就是输入”su -“,系统会让你输入超级用户密码,输入密码后就进入了超级用户模式。(当然,你也可以直接用root用)
-
添加文件的写权限。也就是输入命令”chmod u+w /etc/sudoers”。
-
编辑/etc/sudoers文件。也就是输入命令
vim /etc/sudoers
输入”i”进入编辑模式,找到这一 行root ALL=(ALL) ALL
在起下面添加xxx ALL=(ALL) ALL
(这里的xxx是你的用户名),然后保存(就是先按一 下Esc键,然后输入”:wq”)退出。 -
撤销文件的写权限。也就是输入命令
chmod u-w /etc/sudoers
至此,问题解决。
下面为大家分享下其它网友的补充
[WinJay@WinJay ~]$ sudo yum install libstdc++.so.6
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
1) Respect the privacy of others.
2) Think before you type.
3) With great power comes great responsibility.
[sudo] password for Jeffery:
WinJay 不在 sudoers 文件中。此事将被报告。
以上是操作时报的错误 ;google后知道需要修改配置文件,就可以了。。
解决方法
#以下操作要切换到root用户下进行操作
vi /etc/sudoers
# Sudoers allows particular users to run various commands as
# the root user, without needing the root password.
#
# Examples are provided at the bottom of the file for collections
# of related commands, which can then be delegated out to particular
# users or groups.
#
# This file must be edited with the ‘visudo’ command.
# Host Aliases
# Groups of machines. You may prefer to use hostnames (perhaps using
# wildcards for entire domains) or IP addresses instead.
Host_Alias FILESERVERS = fs1, fs2
Host_Alias MAILSERVERS = smtp, smtp2
# User Aliases
# These aren’t often necessary, as you can use regular groups
# (ie, from files, LDAP, NIS, etc) in this file – just use %groupname
# rather than USERALIAS
User_Alias ADMINS = jsmith, mikem
# Command Aliases
# These are groups of related commands…
# Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
# Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
# Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
# Updating the locate database
Cmnd_Alias LOCATE = /usr/bin/updatedb
# Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
# Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
# User Aliases
# These aren’t often necessary, as you can use regular groups
# (ie, from files, LDAP, NIS, etc) in this file – just use %groupname
# rather than USERALIAS
User_Alias ADMINS = jsmith, mikem
# Command Aliases
# These are groups of related commands…
# Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
# Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
# Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
# Updating the locate database
Cmnd_Alias LOCATE = /usr/bin/updatedb
# Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
# Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
# Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
# Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe
Defaults specification
Disable “ssh hostname sudo “, because it will show the password in clear.
You have to run “ssh -t hostname sudo “.
Defaults requiretty
Refuse to run if unable to disable echo on the tty. This setting should also be
changed in order to be able to use sudo without a tty. See requiretty above.
Defaults !visiblepw
Preserving HOME has security implications since many programs
use it when searching for configuration files. Note that HOME
is already set when the the env_reset option is enabled, so
this option is only effective for configurations where either
env_reset is disabled or HOME is present in the env_keep list.
Defaults always_set_home
Defaults env_reset
Defaults env_keep = “COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS”
Defaults env_keep += “MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE”
Defaults env_keep += “LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES”
Defaults env_keep += “LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE”
Defaults env_keep += “LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY”
Adding HOME to env_keep may enable a user to run unrestricted
commands via sudo.
Defaults env_keep += “HOME”
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
# Next comes the main part: which users can run what software on
# which machines (the sudoers file can be shared between multiple
# systems).
# Syntax:
#
# user MACHINE=COMMANDS
#
# The COMMANDS section may have other options added to it.
#
# Allow root to run any commands anywhere
root ALL=(ALL) ALL
# Allows members of the ‘sys’ group to run networking, software,
# service management apps and more.
%sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
# Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
WinJay ALL=(ALL) ALL
#################添加上面这行的信息##################
# Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL
# Allows members of the users group to mount and unmount the
# cdrom as root
%users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
# Allows members of the users group to shutdown this system
%users localhost=/sbin/shutdown -h now
# Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
includedir /etc/sudoers.d
添加完成后,退出即可。
我用的是Ubuntu 12.04,在一般用户下执行sudo命令提示Nagios is not in the sudoers file. This incident will be reported.
解决方法 :
一、$whereis sudoers
找出文件所在的位置,默认都是/etc/sudoers
sudoers: /etc/sudoers.d /etc/sudoers /usr/share/man/man5/sudoers.5.gz(我这里找到三个文件位置)
二、 #chmod u+w /etc/sudoers
以超级用户登录su -root ,修改文件权限即添加文件拥有这的写权限限,ls -al /etc/sudoers 可以查看原文件的权限。
三、vim /etc/sudoers 编辑文件
在root ALL=(ALL)ALL行下添加XXX ALL=(ALL)ALL,XXX为你的用户名。添加方法:找到root行,按下”i“键进入编辑模式添加即可!编辑好后esc键进入一般模式, “:wq”保存退出!
最后, #chmod u-w /etc/sudoers 回到文件的原权限!
在 ubuntu中由于禁用了root用户,默认情况下会把安装系统时建立的用户添加到sudoers中。
但在redhat和centos中并没有把任何 root用户之外的用户默认的添加到sudoers之中。
这样我们在执行sudo 命令时就会出现xxx is not in the sudoers file. This incident will be reported.这样的错误输出。
现在为了安全起见比较提倡使用普通用户做日常操作,而在需要超级用户的时候使用sudo 来做,这样,我们就有必要把一些用户添加到sudoers之中。
其实把用户添加到sudoers之中很简单。
首先利用whereis 命令查找sudoers配置文件的目录(默认会在/etc/sudoers)
whereis sudoers
sudoers: /etc/sudoers /etc/sudoers.bak /usr/share/man/man5/sudoers.5.gz
然后需要切换到root用户,更改/etc/sudoers的权限
chmod u+w /etc/sudoers
然后就可以利用vi编辑器来把用户添加到sudoers之中
vi /etc/sudoers
然后找到root ALL=(ALL:ALL) ALL
所在的位置,把所要添加的用户添加到文件之中
顺便提一下vi编辑器的用法。刚进入vi编辑器的时候牌命令行模式,这时可以通过方向键来移动光标,找到要编辑的位置之后按下“i”,然后就进入了插入模 式,这时候你可以输入或删除字符。编辑完成之后按“esc”键退出插入模式,进入命令行模式,这时候按“:”可以进入末行模式,输入“wq”保存并退出。
下面是添加完的结果:
User privilege specification
root ALL=(ALL:ALL) ALL
nagios ALL=(ALL:ALL) ALL (这一行是添加的内容,nagios是我的用户名)
Members of the admin group may gain root privileges
min ALL=(ALL) ALL
………………….
然后需要把sudoers 的写权限去掉(否则系统不允许执行suoders文件):
chmod u-w /etc/sudoers
至此,在退出root用户之后就可以利用sudo命令来执行超级用户的权限了。
评论区