====== MANAGING USERS ====== ==== CHANGING IDENTITIES ==== There are two option to take on the identity of another user: * **su** - start the shell as another user or issue a single command as that user * **sudo** - allows a user to execute commands as a different user (usually the root). Config file //etc/sudoers// defines specific commands that particular users can execute under an assumed identity ==== SU ==== Start shell as a root: victor@rasp-4:~ $ su - Password: root@rasp-4:~# root@rasp-4:~# su -l victor victor@rasp-4:~ $ ==== SUDO ==== The difference from **su**: * The user might be restricted to one or more commands * sudo does not require an access to superuser's password * sudo doesn't start a new shell Running any command as //root// without having to enter a password: * **sudo visudo** - modifies /etc/sudoers/ * Add file to ///etc/sudoers.d// Example config for user //victor// (/etc/sudoers.d/010-victor-nopasswd): victor ALL=(ALL) NOPASSWD: ALL Which means: * ALL=(ALL) - victor can run commands for any user on any machine * NOPASSWD: ALL - no password needed for any command ==== GROUPS ==== Adding a user to the group: # usermod -aG sudo victor # 'a' - append; 'G' - group