Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u763016847/domains/golinuxhub.com/public_html/wp-includes/functions.php on line 6114
How to give permission to user to run some commands in Linux - GoLinuxHub

How to give permission to user to run some commands in Linux

In Linux you can easily give permissions to user on a command basis, according to which that user will be allowed to run only those commands as super user and apart from those he/she would act as a normal user with normal privilege.
There can be cases when you want your user to be allowed to restart some particular service or run some specific commands with super user privilege so in that case you just need to make an entry for that user in sudoers file.
Let me show you how to do so
The file responsible to providing such permissions to users is /etc/sudoers
You can either open the file using vi to edit or there is an alternate and BETTER option to edit the sudoers file i.e using visudo command
One question should come to your mind
 

Why should I use visudo command instead of directly editing the file with vi or any other editor?

Well the answer is in case you are editing the sudoers file using vi editor and you use any wrong syntax and save and exit the file then it might even become hard for the root user to log back in and edit the file again. As vi editor would not check for any syntax error inside the file.
That is the reason you should always prefer to use visudo because even in case you make any syntax error then visudo will prompt you before making and changes and exiting.

# visudo

Suppose you want to give your user permission to run network and apache server restart permission

# visudo
%test  192.168.0.100=(root)  /etc/init.d/network, /etc/init.d/httpd9

So, in the above line we are telling our Linux machine, Allow all the users of test group from 192.168.0.61 to run network and apache server related commands using root privilege

Let use try to run these commands as test user
# su - test
$ sudo /etc/init.d/network restart
[sudo] password for test:
Shutting down interface eth0:  Device state: 3 (disconnected)
                                                           [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:  Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/3
                                                           [  OK  ]
Well it worked as expected

But what would happen in case test user tries to run any command for which he is not authenticated

$ sudo /etc/init.d/vsftpd restart
[sudo] password for test:
test is not allowed to run sudo on localhost.  This incident will be reported.

Oops the incident has been reported, but where will you check these reports?

# tail /var/log/secure
Sep 27 13:04:26 test sudo:     test : TTY=pts/1 ; PWD=/home/test ; USER=root ; COMMAND=/etc/init.d/network restart
Sep 27 13:09:23 test sudo:     test : user NOT authorized on host ; TTY=pts/1 ; PWD=/home/test ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
Please let me know your success and failures