Linux Cloud Computing -04_Linux User and Permission Management

Linux is a multi-user operating system, the introduction of users, can be more convenient to manage the Linux server, the system needs to be logged in as a user by default, and in the system to start the process also needs to run as a user identity, the user can limit some processes on the specific resources of the authority control.

This chapter introduces the Linux system how to manage the creation, deletion, modification of user roles, user permissions configuration, group permissions configuration and special permissions in-depth analysis.

Linux users and groups

Linux operating system for the management of multiple users, is very cumbersome, so the concept of groups to manage users becomes simple, each user can be in an independent group, each group can also have zero users or more users.

The default ID length is 32 bits, and the default ID number starts from 0. However, for compatibility with the old system, the user ID is limited to less than 60000. Linux users are divided into three categories, respectively as follows:

Root user (ID 0)
System User (ID 1-499)
Ordinary User (ID above 500)

Each file or folder in the Linux system has a user and group to which it belongs. The ID command can display the information of the current user, and the passwd command can modify the password of the current user. The characteristics of Linux operating system users are as follows:

Each user has a userID, and the operating system actually reads the UID instead of the user name.
Each user belongs to a master group and one or more affiliate groups, with a maximum of 31 affiliate groups for each user.
Each group has a GroupID;
Each process runs as a user, who can have resource control rights over the process.
Each loggable user has a specified Shell environment.

Linux user management

Linux users in the operating system can carry out daily management and maintenance, related to the relevant configuration files as follows:

/etc/passwd holds user information
/etc/shdaow saves user password (in encrypted form)
/etc/group holds the group information
/etc/login.defs User attribute restrictions, password expiration time, password maximum length restrictions, etc
/etc/default/useradd displays or changes the default useradd configuration file

To create a new user, you can use the command useradd. Execute the command useradd superman to create a superman user, and create a group superman with the same name. By default, this user belongs to the main superman group.

The useradd superman command creates the user superman by default by following these steps:

Add user information to /etc/passwd file;
If you create a password using the passwd command, it will be encrypted and stored in /etc/shdaow.
Create directory for superman: /home/superman;
Copy files starting with.bash from /etc/skel to /home/superman.
Create a superman group with the same username. By default, the superman user belongs to the group of the same name.
The Superman group information is stored in the /etc/group configuration file.

When creating a user with the useradd command, you can support the following parameters:

-b, --base-dir BASE_DIR Specifies the home directory of the new account; -b, --base-dir BASE_DIR -c, --comment new account GECOS field; -d, --home-dir HOME_DIR The home directory of the new account; -d, --defaults displays or changes the default useradd configuration; -e, --expiredate EXPIRE_DATE The date the new account expired; -f, --inactive password for new account; -g, --gid GROUP The name or ID of the primary GROUP of the new account; -g, --groups list of additional groups for the new account; -h, --help displays this help information and pushes it out; -k, --skel SKEL_DIR uses this directory as the skeleton directory; -k, --key key =VALUE /etc/login.defs; -l, --no-log-init Do not add this user to the database of recent logins and failed logins; -m, --create-home creates the user's home directory; -m, --no-create-home does not create the user's home directory; -n, --no-user-group does not create groups with the same name; -o, --non-unique allows the user to be created using a duplicate UID; -p, --password encrypted new account password; -r, --system create a system account; -r, --root CHROOT_DIR chroot; -s, --shell login shell for new account; -u, --uid uid The user ID of the new account; -u, --user-group creates a group with the same name as the user; -z, --selinux-user SEUSER Specifies the SEUSER used for the selinux user mapping.

2.1 Useradd case demonstration

1. Create a new superman2 user and add it to the superman, superman1 subgroup

[root@superman-vm01 ~]# useradd -G superman,superman1 superman2
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# cat /etc/passwd|grep superman2
superman2:x:1001:1002::/home/superman2:/bin/bash
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# id superman2
uid=1001(superman2) gid=1002(superman2) groups=1002(superman2),1000(superman),1001(superman1)
[root@superman-vm01 ~]#

2. Create a new Superman3 user and specify a new home directory and a SHELL to log in to

[root@superman-vm01 ~]# useradd superman3 -d /data/superman3 -s /bin/bash [root@superman-vm01 ~]# [root@superman-vm01 ~]# cat /etc/passwd|grep superman3 superman3:x:1002:1003::/data/superman3:/bin/bash [root@superman-vm01 ~]# [root@superman-vm01 ~]# id superman3 uid=1002(superman3) gid=1003(superman3) groups=1003(superman3) [root@superman-vm01 ~] #

3 Linux group management

All Linux or Windows systems have the concept of groups, through which users can be more conveniently managed. The concept of groups can be applied to all walks of life, for example, enterprises may use the classification of departments, functions or geographical regions to manage members. In Linux, users can also be created and managed by the concept of groups.

The Linux group has the following features:

Each group has a group ID;
Group information is stored in /etc/group;
Each user has at least one primary group and can have as many as 31 subsidiary groups.

GroupAdd, GroupDel, GroupMod are used to manage groups with the following parameters:

GroupAdd usage -f, --force exits successfully if the group already exists; And cancel -g if the GID already exists; -g, --gid gid uses the gid for the new group; -h, --help displays this help information and pushes it out; -k, --key key =VALUE /etc/login.defs; -o, --non-unique Allows you to create groups with duplicate GIDs; -p, --password uses this encrypted password for the new group; -r, --system create a system account; Groupmod usage -g, --gid gid changes the group ID to gid; -h, --help displays this help information and pushes it out; -n, --new-name NEW_GROUP changed to NEW_GROUP; -o, --non-unique allows the use of a duplicate GID; -p, --password Change the password to (encrypted) password; GroupDel superman deletes the superman group;

3.1 Group management case demonstration

1, groupAdd create Hanxiao group

[root@superman-vm01 ~]# groupadd hanxiao
[root@superman-vm01 ~]#

Create group hanxiao and specify a GID of 1010

[root@superman-vm01 ~]# groupadd -g 1010 hanxiao1
[root@superman-vm01 ~]#

Create a system group named hanxiao2 group

[root@superman-vm01 ~]# groupadd -r hanxiao2 
[root@superman-vm01 ~]#
[root@superman-vm01 ~]# cat /etc/group|grep hanxiao2
hanxiao2:x:982:
[root@superman-vm01 ~]#

GroupMod change the group name, change the Hanxiao group name to Hanxiao1

[root@superman-vm01 ~]# groupmod -n hanxiao3 hanxiao
[root@superman-vm01 ~]#

5, groupMOD change the group GID number, change the original Hanxiao1 group GID to GID 1020

[root@superman-vm01 ~]# cat /etc/group|grep hanxiao1
hanxiao1:x:1010:
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# groupmod -g 1020 hanxiao1
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# cat /etc/group|grep hanxiao1
hanxiao1:x:1020:
[root@superman-vm01 ~]#

4 Linux user and group cases

UserAdd is mainly used to create a new user, and after the user is created, you can use usermod to modify the properties of the user and group, as follows:

-c, --comment new value of GECOS field; -c, --comment new value of GECOS field; -d, --home HOME_DIR user's new home directory; Set EXPIRE_DATE as EXPIRE_DATE; set EXPIRE_DATE as EXPIRE_DATE; Mysql > set password as "invalid"; -g, --gid GROUP enforces GROUP as the new master GROUP; -g, --groups New list of additional groups groups; -a, -- APPEND GROUP appends the user to the additional GROUP mentioned in -g above and does not delete the user from other groups; -h, --help displays this help information and pushes it out; -l, -- new login name; -l, --lock the user account; -m, --move-home moves the contents of the home directory to a new location (used with -d only); -o, --non-unique allows duplicate (non-unique) uids to be used; -p, --password Set the encrypted password (password) to the new password; -r, --root CHROOT_DIR chroot; -s, --shell shell new login environment for this user account; -u, --uid uid The new uid of the user account; -u, -- Unlock the user account; -z, --selinux-user SEUSER new selinux user mapping for user account.

4.1 UserMod Case Demo

1. Modify the superman user group to superman, superman2 affiliate group;

[root@superman-vm01 ~]# id superman
uid=1000(superman) gid=1000(superman) groups=1000(superman)
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# usermod -G superman,superman2 superman 
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# id superman
uid=1000(superman) gid=1000(superman) groups=1000(superman),1002(superman2)
[root@superman-vm01 ~]#

2. Add superman user to superman3, superman4 affiliate group, -a is to add a new group, the original group remains;

[root@superman-vm01 ~]# id superman
uid=1000(superman) gid=1000(superman) groups=1000(superman),1002(superman2)
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# usermod -a -G superman3,superman4 superman  
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# id superman
uid=1000(superman) gid=1000(superman) groups=1000(superman),1002(superman2),1003(superman3),1021(superman4)
[root@superman-vm01 ~]#

3. Modify the user Superman and specify a new home directory, as well as the login SHELL;

[root@superman-vm01 ~]# cat /etc/passwd|grep superman
superman:x:1000:1000:superman:/home/superman:/bin/bash
superman2:x:1001:1002::/home/superman2:/bin/bash
superman3:x:1002:1003::/data/superman3:/bin/bash
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# usermod -d /tmp/ -s /bin/sh superman
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# cat /etc/passwd|grep superman       
superman:x:1000:1000:superman:/tmp/:/bin/sh
superman2:x:1001:1002::/home/superman2:/bin/bash
superman3:x:1002:1003::/data/superman3:/bin/bash
[root@superman-vm01 ~]#

4. Change the username superman to superman;

[root@superman-vm01 ~]# cat /etc/passwd|grep superman       
superman:x:1000:1000:superman:/tmp/:/bin/sh
superman2:x:1001:1002::/home/superman2:/bin/bash
superman3:x:1002:1003::/data/superman3:/bin/bash
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# usermod -l hanxiao superman 
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# cat /etc/passwd|grep superman
superman2:x:1001:1002::/home/superman2:/bin/bash
superman3:x:1002:1003::/data/superman3:/bin/bash
hanxiao:x:1000:1000:superman:/tmp/:/bin/sh
[root@superman-vm01 ~]#

5. Lock Superman user and unlock Superman user method;

[root@superman-vm01 ~]# usermod -L superman2         
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# su - superman2
Last login: Thu Jul  8 07:41:18 CST 2021 on pts/0
[superman2@superman-vm01 ~]$ 
[superman2@superman-vm01 ~]$ su - superman2
Password: 
su: Authentication failure
[superman2@superman-vm01 ~]$ exit
logout
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# usermod -U superman2
[root@superman-vm01 ~]# 
[root@superman-vm01 ~]# su - superman2
Last login: Thu Jul  8 07:42:49 CST 2021 on pts/0
Last failed login: Thu Jul  8 07:43:16 CST 2021 on pts/0
There were 2 failed login attempts since the last successful login.
[superman2@superman-vm01 ~]$ 
[superman2@superman-vm01 ~]$ su - superman2
Password: 
Last login: Thu Jul  8 07:43:29 CST 2021 on pts/0
[superman2@superman-vm01 ~]$

4.2 UserDel case demonstration

Use UserDel to delete the mailbox directory or SELinux mapping environment for a specified user and its users:

Userdel Superman keeps the user’s home directory;
Userdel — r superman delete user and user home directory, user login system cannot delete;
Userdel — rf superman forces to delete the user and the user’s home directory, regardless of login system.

5 Linux permission management

Linux permissions are the mechanism used by the operating system to restrict access to resources. Permissions are generally divided into read, write, and execute. Each file in the system has a specific permissions, belongs to the user and belongs to the group, through such a mechanism to limit which users or user groups can carry out the corresponding operation on a particular file.

Each Linux process runs as a user, and the process has the same privileges as the user; the more privileges the user has, the more privileges the process has.

All files and folders in LNUX have at least three permissions. The common permissions are shown in the table below:

permissions	Impact on files	Impact on the directory
R (read)	The file contents can be read	Directory contents can be listed
W (write)	File contents can be modified	You can create deleted content in a directory
X (Execution)	Can be executed as a command	Accessible directory content
Directories must have X permissions or their contents cannot be viewed

Linux permissions are authorized by default to three roles, namely, User, Group, and Other. The relationship between Linux permissions and users is as follows:

U stands for User, G stands for Group, O stands for Other;
Permissions for each file are set based on UGO;
Permissions in groups of three (RWX), which require authorization to three roles, UGO;
Each file has a user and group to which it belongs, corresponding to UGO. The user or group that does not belong to the file is represented by O.

On a Linux system, you can view the detailed properties of the directory with ls -l, as shown below:

[root@superman-vm01 ~]# ls -l /home
drwxr-xr-x  2 superman superman       15 Jul  7 07:27 superman

Shuchaoyang directory property parameters detailed as follows:

D is a directory. If the same location is -, it is a common file.
Rwxrwxr-x represents the permissions of three roles, each three roles is a kind of role, in order to be u, g, o permissions, as above means user permissions is RWX, group permissions is r-x, other permissions is r-x;
2 refers to the number of links of the folder, which can be understood as the number of subdirectories of the directory;
From left to right, the first superman is the user name and the second superman is the group name. The other roles are not displayed by default.
15 represents the number of bytes occupied by the folder;
Jul 7 07:27 indicates when the file was created or modified;
The superman on the far right is the name of the directory, or the file name.

6 Chown belongs to the master and the generic group

Modify the owner and group of a user and group to folder by using the command chown. The example is as follows:

1. Change the user of Superman folder to root, where -r means to recursively process all files and subdirectories.

[root@superman-vm01 ~]# cd /home
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwx------ 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# chown -R root superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwx------ 3 root superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

2. Change the group that the Superman folder belongs to to root.

[root@superman-vm01 home]# ll total 0 drwx------ 3 root superman 78 Jul 9 05:57 superman [root@superman-vm01 home]# [root@superman-vm01 home]# chown -R :root superman [root@superman-vm01 home]# [root@superman-vm01 home]# ll total 0 DRWX ------ 3 root root 78 Jul 9 05:57 superman [home]# or [home]# ll total 0 drwx------ 3 root superman 78 Jul 9 05:57 superman [root@superman-vm01 home]# [root@superman-vm01 home]# chgrp -R root superman [root@superman-vm01 home]# [root@superman-vm01 home]# ll total 0 drwx------ 3 root root 78 Jul 9 05:57 superman  [root@superman-vm01 home]#

3. Modify the user and group of the “superman” folder to “superman”.

[root@superman-vm01 home]# ll
total 0
drwx------ 3 root root 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chown -R superman:superman superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwx------ 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

7 Chmod user and group permissions

Modify the permissions of a user or group to a folder by using the command chmod, where refers to ugo, and, -, = represents the corresponding permissions of add, delete and equal. The specific cases are as follows:

1. Grant the user X privileges on the Superman directory

[root@superman-vm01 home]# ll
total 0
drw------- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R u+x superman 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwx------ 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

2. The grant group has RWX permissions on the Superman directory

[root@superman-vm01 home]# ll
total 0
drwx------ 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R g+rwx superman 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwxrwx--- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

3. Grant RWX permissions to users, groups, and others on the Superman directory

[root@superman-vm01 home]# ll
total 0
d--------- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R u+rwx,g+rwx,o+rwx superman 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwxrwxrwx 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

4. Undo user ‘w’ on superman directory

[root@superman-vm01 home]# ll
total 0
drwxrwxrwx 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R u-w superman 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
dr-xrwxrwx 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

5. Undo users, groups, and others who have X privileges on the Superman directory

[root@superman-vm01 home]# ll
total 0
dr-xrwxrwx 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R u-x,g-x,o-x superman  
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
dr--rw-rw- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

6. Grant users, groups, and others only Rx permissions on the Superman directory

[root@superman-vm01 home]# ll
total 0
dr--rw-rw- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R u=rx,g=rx,o=rx superman 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
dr-xr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

8 Chmod binary permissions

Linux permissions are represented by default using RWX. In order to make it easier to configure and modify permissions in the system, Linux permissions are represented by binary method, as follows:

Linux permissions can be RWX in binary representation, where permissions with 1, no permissions with 0; RWX =111 rw- x=101 rw-=110 r–=100 rw-=110 r–=100 rw-=110 r–=100 rw-=110 r–=100 RWX = 111 = 4 + 2 + 1 = 7 r – 101 x = = 4 + 0 + 1 = 5 rw – = 110 = 4 + 4 + 0 = 6 r – 100 = = 4 + 0 + 0 = 4 concluded that r = 4, w = 2, x = 1 to represent the permissions.

The following example shows how to modify permissions using binary mode, where the default permissions for the Superman directory are 755:

1. Grant users RWX permissions on the Superman directory

[root@superman-vm01 home]# ll
total 0
dr-xr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R 755 superman  
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwxr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

2. The grant group has RWX permissions on the Superman directory

[root@superman-vm01 home]# ll
total 0
drwxr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R 775 superman  
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwxrwxr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

3. Grant RWX permissions to users, groups, and others on the Superman directory

[root@superman-vm01 home]# ll
total 0
drwxrwxr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R 777 superman  
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drwxrwxrwx 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

4. Undo user ‘w’ on superman directory

[root@superman-vm01 home]# ll
total 0
drwxrwxrwx 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R 555 superman  
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
dr-xr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]

5. Undo users, groups, and others who have X privileges on the Superman directory

[root@superman-vm01 home]# ll
total 0
dr-xr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R 644 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
drw-r--r-- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

6. Grant users, groups, and others only Rx permissions on the Superman directory

[root@superman-vm01 home]# ll
total 0
drw-r--r-- 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]# 
[root@superman-vm01 home]# chmod -R 555 superman 
[root@superman-vm01 home]# 
[root@superman-vm01 home]# ll
total 0
dr-xr-xr-x 3 superman superman 78 Jul  9 05:57 superman
[root@superman-vm01 home]#

Linux special permissions and masks

In addition to the common RWX permissions, Linux permissions have a number of special permissions, careful readers will find that Linux directory default permissions 755, and files default permissions 644, this is because of the Linux permissions mask umask.

Every Linux terminal has a umask property. The umask is used to determine the default permissions for new files and directories. The default system permissions mask is 022. For each file or directory created in the system, the default permission of the file is 666, while the permission of the directory is 777. The permission is relatively open to the outside world, so after setting the permission mask, the default permission of the file and directory minus the umask value is the real permission of the file and directory.

The corresponding directory permissions are: 777-022=755;
The corresponding file permissions are: 666-022=644;
Run the umask command to see the current default mask, and umask-s 023 can set the default permission mask.

In addition to the normal permissions, there are three special permissions as shown in the following table:

permissions	Impact on files	Impact on the directory
suid	Executes as the user to which the file belongs, not as the user who executed the file	There is no
sgid	Execute as the group to which the file belongs	Any new file created in this directory belongs to the same group as the directory belongs to
sticky	There is no	Users with write permissions to directories can delete only files owned by them, not files owned by other users

The following is the way to set special permissions in Linux:

Set suid: chmod u+s superman
Set sgid: chmod g+s Superman
Set sticky: chmod o+t superman

Like setting normal permissions, special permissions can be expressed numerically:

SUID = 4
SGID = 2
Sticky = 1

Chmod 4755 Superman allows you to grant s privileges to this directory. Some common uses of s permissions on Linux include su, passwd, and sudo

[root@superman-vm01 home]# ll total 0 dr-xr-xr-x 3 superman superman 78 Jul 9 05:57 superman [root@superman-vm01 home]# [root@superman-vm01 home]# chmod 4755 superman [root@superman-vm01 home]# [root@superman-vm01 home]# ll total 0 drwsr-xr-x 3 superman superman 78 Jul 9 05:57 superman [root@superman-vm01 home]# [root@superman-vm01 ~]# ll /usr/bin/su  -rwsr-xr-x. 1 root root 32208 Oct 31 2018 /usr/bin/su [root@superman-vm01 ~]# [root@superman-vm01 ~]# ll /usr/bin/passwd -rwsr-xr-x. 1 root root 27832 Jun 10 2014 /usr/bin/passwd [root@superman-vm01 ~]# [root@superman-vm01 ~]# ll /usr/bin/sudo ---s--x--x. 1 root root 147392 Oct 31 2018 /usr/bin/sudo [root@superman-vm01 ~]#

Welcome to pay attention to my WeChat public number [super brother’s IT private food] for more technical dry goods!

If you have any jokes or feedback, just tell me! I will solve the problem you said, further better service you oh!