Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to solve the error tips when using the Linux command line, which has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, let the editor take you to understand it.

Have you ever got an "Permission denied" error when using the Linux command line? This may be because you are trying to perform an operation that requires root permission. For example, the screenshot below shows the error that occurs when I try to copy a binary file to a system directory.

Access denied by shell

So how to solve this mistake? Quite simply, use the sudo command.

Run commands with sudo

Users will be prompted to enter their login password after running this command. Once the correct password is entered, the operation will be performed successfully.

There is no doubt that sudo is a command that anyone who uses the command line on Linux must know. However, in order to use the command more responsibly and effectively, you still need to know some relevant (and in-depth) details. This is what we will discuss in this article.

Before we proceed, it is worth mentioning that all the command instructions mentioned in this article have been tested under version 4.3.11 of Bash under Ubuntu 14.04 LTS.

What is sudo?

As most of you know, sudo is used to execute commands that require elevated privileges (usually as a root user). Such an example has been discussed in the introduction section earlier in this article. However, you can use sudo to run commands on other (non-root) users if you want.

This is achieved by the-u command line option provided by the tool. For example, as shown in the following example, I (himanshu) tried to rename a file in the Home directory of another user (howtoforge), but got an "access denied" error. Then I added sudo-u howtoforge and used the same "mv" command, which was successfully executed:

What is sudo?

Can anyone use sudo?

No. For a user to be able to use sudo, there should be a piece of information related to that user in the / etc/sudoers file. The following excerpt from the Ubuntu website makes it clearer:

The / etc/sudoers file controls who can run what commands on which machine as which user, as well as special situations, such as whether a password is required for a particular command. This file consists of the alias aliases (basic variable) and the user ID user specifications (which controls who can run what commands).

If you are using Ubuntu, it is easy for a user to run the sudo command: all you need to do is change the account type to administrator administrator. This can be done directly in the system setting System Settings-> user account User Accounts.

Sudo user

First unlock the window:

Unlocking window

Then select the user for which you want to change the user type, and then change the type to administrator administrator.

Choose sudo accounts

However, if you do not use Ubuntu, or if your distribution does not provide this feature, you can manually edit the / etc/sudoers file to make this change. To add a line like this to the file:

[user] ALL= (ALL:ALL) ALL

Needless to say, [user] should be replaced by the user name of the user you want to upgrade your sudo privileges. An important thing worth mentioning here is that officials recommend editing the file through the visudo command-all you need to do is run the following command:

Sudo visudo

To explain what's going on, here's a summary from the visudo manual:

Visudo edits the sudoers file in safe mode. Visudo locks the sudoers file to prevent multiple edits from happening at the same time, providing basic sanity checks and syntax error checking. If the sudoers file is being edited now, you will receive a message to try again later.

For more information about visudo, go here.

What is a sudo session

If you often use the sudo command, you must have noticed that when you successfully enter a password, you can run the sudo command several times without entering a password. But after a while, the sudo command will ask for your password again.

This phenomenon has nothing to do with the number of sudo commands run, but with time. Yes, by default, sudo will not ask for a password again within 15 minutes after entering a password. After 15 minutes, you will be asked to enter your password again.

However, you can change that if you want to. Open the / etc/sudoers file with the following command:

Sudo visudo

Find this line:

Defaults env_reset

Env_reset

Then add the following variables to the line * *:

Defaults env_reset,timestamp_timeout= [new-value]

[new-value] is the number of times you want the sudo session to last. For example, set the value to 40.

Sudo timeout value

If you want to require a password every time you use the sudo command, you can assign this variable to 0. For sudo sessions to never be out of date, assign a value of-1.

Note that assigning the value of timestamp_timeout to "- 1" is highly deprecated.

Sudo password

You may have noticed that when sudo asks for a password and you start typing, it doesn't display anything-not even a regular asterisk. It's not a big deal, but some users just want to show an asterisk.

The good news is that it's possible and easy to do. All you need to do is put the following lines in the / etc/sudoers file:

Defaults env_reset

Change to

Defaults env_reset,pwfeedback

Then save the file.

Now, whenever you enter the sudo password, the asterisk will be displayed.

Hide the sudo password

Some important sudo command line arguments

In addition to the-u command-line arguments (which we discussed at the beginning of this tutorial), there are other important sudo command-line arguments that are worth noting. In this section, we will discuss some of them.

-k parameter

Consider this situation: you have just run several sudo-driven commands after entering the password. Now, as you know, sudo sessions last 15 minutes by default. Suppose you need to give someone access to your terminal during this session, but you don't want them to be able to use sudo. What would you do?

Fortunately, there is a-k command-line argument that allows the user to revoke sudo privileges. This is what the sudo help page (man page) explains:

-k,-- reset-timestamp

Revoke the user's cached credentials when used without any command. In other words, the next time you use sudo will require a password. You don't need a password to use this parameter, but you can put it in a .logout file to revoke sudo permissions.

When used with a command, or an operation that may require a password, this parameter will cause sudo to ignore the user's cached credentials. The result is that sudo requires a password (if this is required by security policy) and does not update the user's cached credentials.

-s parameter

Sometimes your job requires you to run a bunch of commands that require root permission, and you don't want to enter your password every time. You also don't want to adjust the expiration time of sudo sessions by changing the / etc/sudoers file.

In this case, you can use the-s parameter of sudo. This is how the sudo help page explains this:

-s-- shell

If the SHELL environment variable is set or the calling user's password database specifies shell, the shell is run. If a command is specified, the command will be passed to the shell for execution through the-c parameter of the shell. If no command is specified, an interactive shell is executed.

So, basically, what this command parameter does is:

Start a new shell-as to which shell, refer to the SHELL environment variable assignment. If $SHELL is empty, the shell defined in / etc/passwd will be used.

If you pass a command name with the-s argument (for example, sudo-s whoami), you are actually executing sudo / bin/bash-c whoami.

If you don't try to execute other commands (that is, you just want to run sudo-s), you'll get an interactive shell with root permissions.

Remember, the-s command line argument gives you a shell with root permissions, but that's not a root environment-- it's your own .bashrc. For example, in the new shell run by sudo-s, executing the whoami command will still return your user name, not root.

-I parameter

The-I parameter is similar to the-s parameter we discussed. However, there is still a difference. An important difference is that-I gives you a root environment, which means that your. Bashrc is ignored. It's like being a root without explicitly logging in with root. In addition, you don't have to enter the root password.

Important: note that the su command also allows you to switch users (switch to root by default). This command requires you to enter your root password. To avoid this, you can use sudo to execute it (sudo su) so that you only need to enter your login password. However, there are implicit differences between su and sudo su-- to understand them, and how they differ from sudo-I, see here.

Thank you for reading this article carefully. I hope the article "how to solve the mistakes in using the Linux command line" shared by the editor will be helpful to everyone. At the same time, I also hope that you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.