Linux - sudo コマンドの紹介 (Linux - sudo Command Intro)

字幕表動画を再生する

please go to the line the computer guy dot com, in order to view schematics, code and Maur for the projects that you are learning about.
Welcome back.
So today's a video.
I'm going to introduce you to the Sioux Command.
Basically, this is a way that you can escalate your privileges within the U Bahn to server so that you could do things such as edit files or view modifications to the system.
So now, with a lot of distributions of Lennox, whenever you create your initial account, that is going to be what is called the route user.
So think of this as the administrator in the Windows world, basically, in a lot of distributions.
The first account that's created is the route user, and the route user basically can do whatever the hell they want to the operating system.
They could create files and folders.
They can modify I and II files they can go through, and they have power to do whatever they want because they are the administrator.
They are the root.
There's a problem with this from a security standpoint.
No, because if you do something like that, that basically means that one account has the ability to do whatever the hell it wants on the system.
So if somebody can compromise that single account either through scripts or some other way, you can run into a lot of issues, eh?
So that's why the Windows world they can give you a C on in the Lenox world for a bun, too.
They came up with pseudo.
So basically what happens with Sudo is that you create your initial accounts.
When you install the Lenox operate system, they want to operating system, the server version, you create your account, and that's going to be your administrator account.
Well, the interesting thing is, you don't have permission to do whatever the hell you want to the entire operating system.
What you have to do is, if you're going to make certain modifications, you have to escalate your privileges to give yourself the ability to actually make certain modifications.
And so this is where you use in the soup command.
So what's nice about this, especially think about like a data center environment or a server room environment.
Think about what happens if you accidentally forget to along out of a server, right?
So think about it.
You've got your server room.
You're not really worried about security.
And so you log into the server, you know, you walk away, you don't think about it.
You don't long out of the server.
And then at that point, somebody could literally just walk in and start running commands willing Millie off of the user account that you logged in with.
Well, the nice part with Sudo is what happens is if you want to do specific things like things that will really modify the operator operating system, you have to use a pseudo command.
And then whatever it is that you want to, like, make directory or remove directory something like that.
And then what will happen is it will prompt you for a password, basically, for your password to verify that you actually want to escalate your privileges in order to do whatever it is that you're trying to dio.
And so this is just a little security procedure.
Basically, it keeps it keeps the system from being, you know, basically hacked just simply because somebody forgot to log out on they have root privileges.
Now the nice thing now in the modern world, at least with 18.4 is apparently, suit.
Who has a 15 minute time out.
Eso This wasn't always the case.
Time out.
Used to be basically if you wanted to use Sue do in the past Back when I first learned about to every time that you wanted to do a command that required a pseudo you would have to type in the password every single time with, hey, like USC in the Windows world.
If you force people to do something every single time there, they're gonna come up with ways to get around that.
And so there are ways that you can simply basically get rid of the Sioux functionality, and that's essentially what people did.
So that's it.
Then again, it isn't one thing.
Everything about the security world in the real world is that you create you create this system in order to make things more secure.
But then the people actually using the system gets so frustrated with the system that you've created that they create backdoors to what you did, and then it just turns into a mess.
So one of the nice things now is apparently a timeout is 15 minutes, so basically again, we're gonna make director move, director anything that would require the pseudo command.
You plug in the soup password, and then you're able to run commands without having to put in a password after that for 15 minutes and then after 15 minutes, a little time out and you'll have to put in a password to get there is a way, basically, turn off the suit or to change the time out.
But I'm not going to go into that today.
I think that's a little bit more advanced.
Now, when I think of Sue, do one thing to think about this might be a little bit of a lion.
Is, um, this shows my age and again, one of the issues that you're gonna run into in the Lenox world.
People have not done this for a while.
His words cage where it's changed, meanings change the meanings of command.
Strange.
So when I think of pseudo and whenever I talk about it going in the future, I think of it as Super user do So.
Super User is basically that route account.
Super User is the same as rude account, essentially, so that's that's how I think about right.
I think about it.
I'm at my permission level and then I need to do something that I don't have the authority to.
D'oh!
So I say Super user Sue do super user do in the whatever doesn't want?
And basically that's how I think about an escalator, apparently now, though, to be clear, I think they're now call it Substitute user do because you know Lennox World, he's not really super user.
You're really substituting users.
So if you say super user, it's wrong.
It's really substance.
So again, just one of the things I think about with words and ally ISMs, and I've been doing this so long it hurts.
So it's really frustrating for May I?
I think super user do makes a lot of sense, I think Super user do Sue Dio.
Yes, Okay, I got it.
But now I think it's substitute.
There theoretically supposed be some suit user D'oh!
So you go look at the Wikipedia articles, Look a look a the other information on that.
That's again.
That's just one of those word of frustrations that we get into as things change with Lennox World and one of the problems you'll run into if you're trying to learn some of this stuff is where even again, even things that you think of his abbreviations seemed to change over the years.
And it gets toe cause a bit of a vast.
But it was, Let's go over to the computer.
I'll demonstrate pseudo.
We're just going over the basics of this today again with anything that I show you.
When it comes to Lennox is, there's 1000 more configurations.
There is 500 different ways to skin a cat with any of these commands that I'm showing you.
So if I'm showing you something and you find it interesting and you think that you want to learn more about it, please don't do go to Google, do some more searching on it because there's a lot morte to everything that I'm showing you.
Then I'm going to get to, and the reason is is just because there's so much to it.
In a certain point, you get into the weeds, so I'm just showing you the basic stuff.
So there is some interesting stuff with sooner.
If you wanted to do some continuing research, I may talk about it.
Maura and like advanced classes once we get the introduction, Siri's.
But we're just keeping this at at the basic level today, if you wanna learn more about it.
So let's with that.
Let's go over the computer and I'll show you how soon who works.
So here we are, back at my computer again.
I have a virtual machine installed within virtual box, and I'm currently using about to 18.4 point three.
This is a vanilla installation.
Now, to be clear, what I'm saying today, what I'm taking today should be relevant for the next 10 years.
Realistically, the only major thing exchange, at least for the basic concept of Sue do in the past 10 years is that whole time out thing.
So just realize if you're using who bond to you know, 25 it should be the same.
Should more or less basically be the same, at least with basic stuff here.
So let's let's log and then we're gonna go to Bob and our password is 123456 because I just roll the easy way and now we're long again.
We see the basic information, and so what?
I'm going to do is I'm going to clear the screen, so clear the screen.
I'm now in my my home folder, So passwords I'm in home, Bob.
What I'm going to do is I'm going to change directory and I am going to go to route.
So I'm now in the system route.
And so let's say I'm in the system route.
So do l.
S.
L.
So I take a look at the files and folders in the system route and I'm here.
I'm thinking you want to know what I really want to do.
What I really want to do is I want to create a test folder.
What?
You know, I'm gonna create a share or do something like that.
I'm going to create a test folder.
So what I'm gonna do is first someone try to do make a directory in K d i.
R.
And then just a folder called Test Make Directory test and I hit.
Enter.
Now you can see here is make directory cannot create directory test permission denied, Even though again, there are literally no other user accounts on the system, there is only Bob Bob, busy account that was created for the system, but I'm not able to create a directory.
So what I could do is Sue do Super user?
Do as I say.
Make directory cast.
Now it asked me for my password.
123456 And if we do l s l we can Now go and see that right here.
We have a test directory.
So basically, if I'm up at the system route in order to make it a test directory, I would have to use the suit of right and so with the same idea.
Same idea.
Let's say I wanted to get rid of the directory.
So our am so remove directory test.
So I was like, Okay, I did my test.
Whatever house I hit enter again, as we see before, permission denied.
So we're gonna do a su do our MD our test.
And now again, since we're within that time out, period, it is still accepting that password that we gave for the Sioux Command before we were able to remove the rectory test.
L s l on.
If we go, we can take a look and we can see there is no test hair Now.
I want to show you.
Now I want to show you how pseudo Basically, I want to show you how Lennox fails in the most horrible way possible.
The most spaghetti monster way possible.
There's something called the Sioux Doors file.
So I'm not going to go in this today.
So something called the super's file and basically, what that file allows you to do with cane to configurations for the Sioux Command who was able to use it the whole nine yards and that is sitting up here in the E T C four.
Right, So we're gonna d'oh cd e c.
So this well, what can I guess?
To the d C folder once we're in the e t c four clear, make this easier and then I'm gonna do l s l and so we can take take a look.
And basically what I'm looking for here is this suit doers.
So this is a file.
This is a pseudo er's file.
Now there is a text editor.
There's an editor with a newborn to It's one of the default editors and abundant now bunch who now called them.
I like them just one of those things I use it.
So let's say I'm sitting here and somebody told me Hey, you know, the way that you change configurations for the Sioux Command is by going through the sewers a file.
So I think.
Okay, I want to go and take a look at the suit over his file to see what configurations are in the suit doors file.
So what I'm gonna do is I'm gonna do them D'oh be I am right.
And then I'm simply going to flow again.
Sue doors, And it's like, Okay, so them So so.
File Editor, open up.
Suit, Suit, doors.
I want to see what's there.
Hit.
Enter.
I think this is the way this is like the ah, why Why are you so so bad?
So very bad user experience again.
This is the kind of thing that makes people lose their minds.
So what we can see here, obviously is.
It says su doors permission denied.
Okay, Well, that that onto itself isn't the most horrible thing in the world.
That's that's why.
Okay, well, my permission is denied.
That's not really the problem.
That's not really the problem.
Is what the hell am I looking at?
A just got a page one sided squiggles.
What?
What?
I don't understand.
And look here that I'm trying to tippy tap type.
So I try to type and I can't do anything.
I press Q and I can't do any.
Oh, so here's the issue.
So basically, you're invemed but was unable to open up this thing.
This file.
So what?
You have to dio for them for them is you knew Cole and you do you do Colin?
Yeah.
Get that?
Brings you basically to command.
So this is commands S o the commands.
You can quit.
You can quit without saving.
You can quit with save a whole nine yards, but we're gonna do is cute.
So basically you do Coghlan Coghlan Q And then you hit Enter.
And now you're able to get back to your command.
Prompt.
Yeah, yeah, again It's not Is not that Lennox coders are bad.
A user experience is they literally, don't you?
They just don't So what youwant todo es su?
Do them sue worth.
And if you do that, hit it.
Ah, Now look at that.
Then you actually get a file?
So this is something called vim.
We'll talk about them later for talking about file editors later.
But I can sit through.
I can't be in here and I can scroll through and I can look at the other different information, and I can get an idea of what's going on.
But again like that.
This is where I really want you to understand.
We think that's why people give up.
That's why people give up because they don't.
They don't realise suited.
I think I'm just gonna go look at this file and then they get whatever the hell that you just saw and then they don't even know how to get at just, uh, yeah, Things get bad.
S o just realize when you're dealing with them basically what you do in order to actually send commands again to save, to quit whole nine yards, you do colon to do colon, and then you do Q.
And then you enter and you're out S O.
These are some things I guess to be thinking about with the Sioux Command, especially when you're going to do modifications and edits and those types of things on again.
It's relatively.
It's relatively simple, really.
The biggest problem that I see with it is understanding what happens when things fail because then you just get like things like squiggly marks can be really, really frustrating.
So that's really all there is for a basic introduction to suit.
So that's an introduction to the Sooner Command.
Basically, all you're doing is you're escalating your privileges in order to be able to do certain tasks, be able to edit certain files the whole nine yards.
Overall, it's a pretty simple concept.
The problem comes in things like the failures.
Very like what now?
Get it.
To be clear, this command can be customized, like darn near everything else and Lennox as I go forward, at least for the introduction, Siri's probably for the rest of it, too.
I'm just gonna leave a plant the plain vanilla implementation implementation of Sue do, but because I think it's good for most, especially new technicians.
To get your mind around this and not to get into too many bad habits now would be clearly in the real world.
If you're sitting there pounding away at Lenox servers for eight hours a day, there may be a reason to modify the time out one way or the other or basically more or less.
Get rid of the Sioux command again when you're in charge of Lennox servers and you know you take the responsibility when things crash or ransomware hits or whatever else as I would say you do you as I'm going to teach you stuff the stuff in the beginning, I think it's better to get used to kind of like the default security settings for these things, because, overall, overall, I think it would be better if people basically left most of these settings as they are.
That's really all there is to the soon to command from a basic level again.
To be clear, you can give different users different studio abilities.
There's a lot of interesting things you can go to get more advanced into the studio command.
But if you're just learning how to use Lennox Maur basically more or less if you have a box, you are the only user account or you really only have, like, a couple of user accounts on there, just keeping everything simple to guess that that main user, I think, will work best for everybody.
But do you realize if you type in a command and you get a weird error again.
I say you go to open a configuration file and you go to do something, and it ever is out weird at the taste of the error.
Seems bizarre.
One thing that I would recommend is trying to back out whatever the hell you're doing and then and then use a suit New command to go in and re try, and that might actually fix things for you.
The other big lesson, The other big lesson that you should be learning in the Lenox world is Try trying to learn all the possible ways to escape of a process or out of an application.
Right.
Control C Q Control.
Cue Colin Cue again with all these different things.
And Lennox world, they didn't just go with one way of how to how to exit of a process or exit out of an application.
There's a whole bunch of different ways, and so that is a big issue that people run it like a real significant issue people run into is again.
They open application, do something, and I'm like, Okay, I'm just I'm just gonna close this.
Go back to what I was doing again, like permissive.
You okay?
Permission denied.
That's not the permission.
Denied is not the problem.
The problem is, you look Beija, squiggly marks.
How do I get s O?
That is an important thing.
If you write one thing in your notebook, if you have a notebook and you only have one Beijing notes had that page of notes be all of the escapes of how to get out of things.
Because that really can cost.
People are problems you don't wantto You do not want to have to be the new, but that is literally rebooting their server because they don't know how to get out of him.
Right there is.
There's There's a lot of things.
There's a lot of mistakes that you could make that you know.
Yeah, give it time and people will forgive you for if you have to reboot a server because you don't know how to get out of him.
Yeah, People are gonna laugh at you forever, So I guess something keeping so anyways, as always, I enjoy doing this video.