###
1.创建test用户,设置密码
[root@jira ~]# useradd test [root@jira ~]# passwd test Changing password for user test. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully.
2.授权test用户可以 以root权限运行netstat命令
[root@jira ~]# cat /etc/sudoers # **** ## Allow root to run any commands anywhere root ALL=(ALL) ALL #(为普通用户test赋予root权限) #第一个ALL:所有地方都可以登陆,localhost只能本机登陆。 #第二个(ALL):表示什么身份的用户都执行。’ #第三个ALL:表示所有命令都可以使用
#NOPASSWD:表示不用输入root密码即可执行 test ALL=(ALL) NOPASSWD:/usr/bin/netstat,/usr/bin/ps ## Allows members of the 'sys' group to run networking, software, ## service management apps and more. # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS ## Allows people in group wheel to run all commands %wheel ALL=(ALL) ALL ## Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL # ****
3.测试
# 未授权查看(需要密码,不能查看pid) [test@jira ~]$ sudo netstat -lntup We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for test: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 :::7081 :::* LISTEN - tcp6 0 0 :::3306 :::* LISTEN -# 授权后查看(不需要密码直接以root权限查看所有内容) [root@jira ~]# su - test Last login: Thu Jan 14 15:44:25 CST 2021 on pts/2 [test@jira ~]$ sudo netstat -lntup Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1152/sshd tcp6 0 0 :::22 :::* LISTEN 1152/sshd tcp6 0 0 :::7081 :::* LISTEN 1613/docker-proxy tcp6 0 0 :::3306 :::* LISTEN 1978/mysqld
###