根据角色的不同,给不同的用户分配不同的角色
1.创建初级工程师3个,网络工程师1个,中级工程师1个,经理1个
# 批量创建用户
for user in chuji{01..03} net01 senior01 manager01 > do > useradd $user > echo "111111"|passwd --stdin $user > done;
2.创建5个开发人员,属于phpers组
groupadd -g 999 phpers for n in `seq 5` do useradd -g phpers php0$n done
3.创建开发经理,中级phper
for user in kaifaManager seniorPhper > do > useradd $user > echo "111111"|passwd --stdin $user > done
4.编辑配置文件
[root@localhost ~]# vim /etc/sudoers ########################Cmnd_Alias By FTL ################################### Cmnd_Alias CY_CMD_1=/usr/bin/free, /usr/bin/iostat,/usr/bin/top, /bin/hostname, /sbin/ifconfig, /bin/netstat, /sbin/route Cmnd_Alias GY_CMD_1=/usr/bin/free, /usr/bin/iostat,/usr/bin/top, /bin/hostname, /sbin/ifconfig, /bin/netstat, /sbin/route, /sbin/iptables, /etc/init.d/network, /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall, /bin/rpm, /usr/bin/updatedb, /usr/bin/yum, /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount Cmnd_Alias CK_CMD_1=/usr/bin/tail, /bin/grep, /var/log/messages* Cmnd_Alias GK_CMD_1=/sbin/service, /sbin/chkconfig, /bin/tail, /var/log/*, /bin/grep, /bin/cat, /bin/ls, /bin/sh Cmnd_Alias GW_CMD_1= /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /sbin/iwconfig, /sbin/mii-tool, /bin/cat, /var/log/* ########################User Aliases By FTL ################################### User_Alias CHUJI_YUNWEI_ADMINS=chuji01,chuji02,chuji03 User_Alias CHUJI_KAIFA_ADMINS=php01,php02,php03,php04,php05 User_Alias GAOJI_WANG_ADMINS=net01 ########################Runas_Alias By FTL ################################### Runas_Alias OP = root -->未来切换到某个角色执行任务 ########################Config By FTL ################################### senior01 ALL=(OP) GY_CMD_1 manager01 ALL=(ALL) NOPASSWD:ALL kaifaManager ALL=(ALL) ALL, /usr/bin/passwd [A-Za-z], !/usr/bin/passwd root, !/usr/sbin/visudo, !/usr/bin/vi *sudoer*, !/usr/bin/sudo su -, !/bin/su seniorPhper ALL=(OP) GK_CMD_1 CHUJI_YUNWEI_ADMINS ALL=(OP) CY_CMD_1 CHUJI_KAIFA_ADMINS ALL=(OP) CK_CMD_1 GAOJI_WANG_ADMINS ALL=(OP) GW_CMD_1
命令的路径要全路径别名需要大写 超过一行,用""换行 排除的命令一定在最后面写 kaifaManager 因为有ALL,所以可以直接su - 切换root,但是 sudo su -切换不了