Linux 通过shell脚本将用户添加到sudoers
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/8784761/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Adding users to sudoers through shell script
提问by nickw444
Is it possible to add users to the sudoers file through a shell script? I've been looking around, still can't find anything.
是否可以通过 shell 脚本将用户添加到 sudoers 文件中?我一直在四处寻找,仍然找不到任何东西。
采纳答案by wchargin
You could simply echo(with elevated privileges, of course) directly to the /etc/sudoersfile:
您可以简单地echo(当然具有提升的权限)直接访问该/etc/sudoers文件:
sudo -i
echo 'nickw444 ALL=(ALL:ALL) ALL' >> /etc/sudoers
# ^^
# tab
(note the tab character between the username and the first ALL)
(注意用户名和第一个之间的制表符ALL)
Or, for a script:
或者,对于脚本:
#!/bin/bash
# Run me with superuser privileges
echo 'nickw444 ALL=(ALL:ALL) ALL' >> /etc/sudoers
Then save to somefile.sh, chmod a+rxit, and run sudo ./somefile.shfrom a terminal window.
然后保存到somefile.sh,chmod a+rx它,并sudo ./somefile.sh从终端窗口运行。
To add multiple users, change the script to this;
要添加多个用户,请将脚本更改为此;
#!/bin/bash
while [[ -n ]]; do
echo " ALL=(ALL:ALL) ALL" >> /etc/sudoers;
shift # shift all parameters;
done
Then, run the script like this (assuming you saved it as addsudousers.sh):
然后,像这样运行脚本(假设您将其另存为addsudousers.sh):
sudo ./addsudousers.sh bob joe jeff
that is, space-separated.
即空格分隔。
To read the names from a file:
要从文件中读取名称:
nickw444@laptop ~ $ sudo ./addsudousers.sh `cat listofusers.txt`
listofusers.txtshould also be space-separated.
listofusers.txt也应该是空格分隔的。
Edit:Jappie Kirk rightly points outthat you can't directly call sudo echo ... >> /etc/sudoersbecause the >>redirection is handled by the shell, which has by that point dropped the superuser privileges. However, if you run a script that contains echo ... >> /etc/sudoersand the script itself has superuser privileges, everything should work just fine.
编辑:Jappie Kirk正确地指出您不能直接调用,sudo echo ... >> /etc/sudoers因为>>重定向是由 shell 处理的,此时 shell 已经放弃了超级用户权限。但是,如果您运行包含echo ... >> /etc/sudoers的脚本并且脚本本身具有超级用户权限,则一切都应该正常工作。
回答by Basile Starynkevitch
There is also the sudogroup, and you could add users to it (for common configurations of /etc/sudoers)
还有sudo组,您可以向其中添加用户(用于 的常见配置/etc/sudoers)
adduser [username] sudo
adduser [用户名] sudo
回答by Apollo
No, a straight echo won't work, you have to run it in a subshell. Try this instead:
不,直接回声不起作用,您必须在子shell中运行它。试试这个:
sudo sh -c "echo \"group ALL=(user) NOPASSWD: ALL\" >> /etc/sudoers"
sudo sh -c "echo \"group ALL=(user) NOPASSWD: ALL\" >> /etc/sudoers"
回答by Jur P
Login as root to your machine. The root user are the only one who has privilege to add new user.
以 root 用户身份登录到您的机器。root 用户是唯一有权添加新用户的用户。
Once you logged-in, you may now try the following commands below:
登录后,您现在可以尝试以下命令:
Create a new user.
adduser [username]
Add password to user
passwd [username]
Grant root privileges to user Edit the visudo file by simply typing
enter code here
创建一个新用户。
adduser [用户名]
给用户添加密码
密码 [用户名]
授予用户 root 权限 只需键入即可编辑 visudo 文件
在此处输入代码
Find the following line of code: root ALL=(ALL) ALL
找到以下代码行:root ALL=(ALL) ALL
Then add this code below:
然后在下面添加此代码:
[username] ALL=(ALL) ALL
The original post will find on this link Centos 6 – Creating sudoers user
原始帖子将在此链接上找到Centos 6 – Creating sudoers user
回答by Luke Exton
Other answers such as spawning a subshell will work, but may not work if you want to use environmental vars. One alternative I found played really nicely for me:
其他答案(例如生成子外壳)可以使用,但如果您想使用环境变量,则可能无法使用。我发现另一种选择对我来说非常好:
echo "%<user> ALL=(ALL) ALL" | sudo tee -a /etc/sudoers > /dev/null
This being said, hindsight is 20/20... If modifying sudoers via a script and not via visudo I would seriously recommend creating a backup with the right file permissions and contents first since you can lose access to any sudo rights without pkexec, physical access or a reboot etc.
话虽如此,事后看来是 20/20 ......如果通过脚本而不是通过 visudo 修改 sudoers,我会认真建议首先创建具有正确文件权限和内容的备份,因为如果没有 pkexec,物理,您可能无法访问任何 sudo 权限访问或重新启动等。
sudo cp /etc/sudoers /etc/sudoers.bak
回答by Mahdi Rashidi
on RedHat BasedDistributions use:
在基于 RedHat 的发行版上使用:
su - root
and enter your password, then :
并输入您的密码,然后:
echo 'YOURUSERNAME ALL=(ALL:ALL) ALL' >> /etc/sudoers
to add the user in sudoers file.
在 sudoers 文件中添加用户。
回答by Syed Abdul Qadeer
Single line to create user with password and in sudo group.
使用密码在 sudo 组中创建用户的单行。
useradd -p $(openssl passwd -1 PASSWORD) USERNAME-s /bin/bash -G sudo
useradd -p $(openssl passwd -1 PASSWORD)用户名-s /bin/bash -G sudo
回答by avivamg
In order to grant to user sudo permission in shell script(Unix/Linux) use the usermod function:
为了在 shell 脚本(Unix/Linux)中授予用户 sudo 权限,请使用usermod 函数:
sudo usermod -aG sudo <userName>
example:
例子:
sudo usermod -aG sudo johnDoe
For Verification:use the groups function( which show the group membership ) and verify the sudo group us under the right user.
验证:使用组功能(显示组成员身份)并在正确的用户下验证 sudo 组 us。
groups <userName>
example:
例子:
groups johnDoe
#!johnDoe: johnDoe sudo
Explanation from linux documentation:
来自linux 文档的解释:
The usermod command modifies the system account files to reflect the changes that are specified on the command line.
-a, --append
Add the user to the supplementary group(s). Use only with the -G option.
-G, --groupsGROUP1[,GROUP2,...[,GROUPN]]]
A list of supplementary groups which the user is also a member of. Each group is ?> separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option. If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the -a option, which appends the user to the current supplementary group list.
usermod 命令修改系统帐户文件以反映在命令行上指定的更改。
-a, --append
将用户添加到补充组。仅与 -G 选项一起使用。
-G, --groupsGROUP1[,GROUP2,...[,GROUPN]]]
用户也是其成员的补充组列表。每个组用 ?> 与下一个用逗号隔开,中间没有空格。这些组受到与使用 -g 选项给出的组相同的限制。如果用户当前是未列出的组的成员,则该用户将从该组中删除。可以通过 -a 选项更改此行为,该选项将用户附加到当前的补充组列表。
回答by Reborn
I want continue about add user to sudoers. I already create, but the problem is when I run twice the shell script it will add again.
我想继续将用户添加到 sudoers。我已经创建了,但问题是当我运行两次 shell 脚本时,它会再次添加。
Please see below my script
请看下面我的脚本
for i in $(cat users); do
useradd $i
chsh $i /usr/bin/ksh93
echo "user $i added successfully!"
echo $i 'ALL=(ALL) NOPASSWD: ALL' >> /HAapps/sudoers
echo $i:$i"123" | chpasswd
echo "Password for user $i changed successfully"
done
=============
==============
this is the result
这是结果
ario1 ALL=(ALL) NOPASSWD: ALL
ario2 ALL=(ALL) NOPASSWD: ALL
How to check or verify if the user already exist, so don't need add again ? Thank you All Master Need your advice
如何检查或验证用户是否已经存在,所以不需要再次添加?谢谢各位大师 需要您的建议
回答by Curious Sam
In Debian and Ubuntu you can add users to the /etc/sudoers.ddirectory. The directory has a README file. Create a file called 99_sudo_include_fileand drop it in the /etc/sudoers.d/directory. It's easy to remove users or add users, just create a new file and overwrite the old file. You can simply echo your new file and overwrite the old file each time you want to change it.
在 Debian 和 Ubuntu 中,您可以将用户添加到/etc/sudoers.d目录中。该目录有一个 README 文件。创建一个名为的文件99_sudo_include_file并将其放入/etc/sudoers.d/目录中。删除用户或添加用户很容易,只需创建一个新文件并覆盖旧文件即可。您可以简单地回显新文件并在每次要更改旧文件时覆盖旧文件。
echo '#== Visudo Users - All Permissions
#== ==============================
usersam ALL=(ALL) ALL
userlam ALL=(ALL) ALL
userfam ALL=(ALL) ALL
#== Visudo Users - Certain Scripts
#== ==============================
userkam ALL=NOPASSWD: /path/to/script.sh, /path/to/script2.sh
useroam ALL=NOPASSWD: /path/to/script.sh, /path/to/script2.sh
userpam ALL=NOPASSWD: /path/to/script.sh, /path/to/script2.sh
#== Visudo Users - Certain Commands
#== ===============================
userpam ALL=NOPASSWD: /sbin/reboot, /usr/bin/apt-get
userwam ALL=NOPASSWD: /sbin/reboot, /usr/bin/apt-get' > /etc/sudoers.d/99_sudo_include_file
This way you don't touch your original /etc/sudoersfile
这样你就不会碰你的原始/etc/sudoers文件
