#跳板机添加用户
useradd leixiaolong #install home Dir auto
cd /home/leixiaolong
mkdir .ssh
cd .ssh
touch authorized_keys
chmod 600 authorized_keys
chown -R leixiaolong: leixiaolong ../.ssh
#为用户增加sudo权限
echo "wuhan ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
visudo -c
# 编辑sudoers文件要用,不然readonly:
sudoedit /etc/sudoers
#需要限制权限,可在末尾添加修改下面
wuhan ALL=(ALL) NOPASSWD: /bin/whoami,/bin/su,/bin/bash,!/bin/tcsh,!/usr/bin/passwd,!/usr/bin/passwd root,!/bin/vim /etc/sudoers,!/usr/bin/vim /etc/sudoers,!/usr/sbin/visudo,!/usr/bin/sudo -i,!/bin/bi /etc/ssh/*,!/bin/chmod 777 /etc/*,!/bin/chmod 777 *,!/bin/chmod 777,!/bin/chmod -R 777 *,!/bin/rm /*,!/bin/rm /,!/bin/rm -rf /,!/bin/rm -rf /*,!/bin/rm /etc,!/bin/rm -r /etc,!/bin/rm -rf /etc,!/bin/rm /etc/*,!/bin/rm -r /etc/*,!/bin/rm -rf /etc/*,!/bin/rm /root,!/bin/rm -r /root,!/bin/rm -rf /root,!/bin/rm /root/*,!/bin/rm -r /root/*,!/bin/rm -rf /root/*,!/bin/rm /bin,!/bin/rm -r /bin,!/bin/rm -rf /bin,!/bin/rm /bin/*,!/bin/rm -r /bin/*,!/bin/rm -rf /bin/*
#或者把用户加到某个目录的root组:
chown wuhan.root /var/log/mysqld.log