1. su
If you need to add a user after logging into the system as user1 with an ordinary user, but it is useful and does not have useradd permissions, then there are two ways:
1. First use exit to exit, then log in as root user, and then useradd to increase the user.
2. Use the su command, su is switch user to switch.
(1) When the su command does not add parameters, it switches to the root user by default. As long as you enter the root password, you can switch to the root identity until you exit with exit.
Note that although I switch to root here, I don’t actually switch home directory automatically.
(2) Adding a - parameter to the su command can not only switch to root, but also apply the root environment.
You can see that the prompt has changed from $#.
2. sudo
Execute commands with other user identities and permissions, rather than switching users.
Although the above su command is convenient, it requires knowing the user's password in advance. If it is leaked, the system security will be severely challenged.
Syntax: UserMySQLTo modify the password using user1: sudo passwd user1 .
The principle is: when running the command, the system checks the /etc/sudoers configuration file to see if the user has permission to execute sudo. If there is permission, the system requires the user to enter his own password. If the password is entered correctly, the system will run the passwd xx command as root.
/etc/sudoers file can be modified with vi (not recommended), but considering that the configuration file is important, Linux provides the visudo command to modify the file, and it automatically detects the syntax when saving to prevent configuration errors from being unable to use the sudo command.
The meaning is:
(1) User mysql (column 1) can log in from anywhere (column 2), execute anyone's (column 3), any command (column 4).
(2) You can also write this way: %mysql ALL=(ALL) ALL means letting users belonging to the mysql user group log in from anywhere and execute any commands from anyone.
(3) If you don’t want to enter your password, you can configure it like this: %mysql ALL=(ALL) NOPASSWD: ALL, but this is not very safe.
(4) It is best not to set the last column to ALL, because this is equivalent to having all the permissions of root, which can be set according to requirements, such as the permissions of mysql users to turn off or restart the server:
%mysql ALL=(ALL) NOPASSWD:/sbin/shutdown, /usr/bin/reboot
First, create a new user user1:
Then, the mysql user uses sudo to modify the password of user user1. If the password of the mysql user is not correct for inputting three consecutive times, the sudo command will not be executed: