Package:Sudo

From Funtoo
Jump to navigation Jump to search

Sudo

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

root # emerge sudo

Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

user $ su -c 'nano /etc/sudoers'
   /etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

user $ su -c 'gpasswd -a $USER wheel'

Either log out, and in again or restart:

user $ su -c 'shutdown -r now'
Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

user $ sudo passwd -ld root

to access root:

user $ sudo su

Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

user $ echo "complete -cf sudo" >> $HOME/.bashrc

Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

user $ sudo -E echo 'hello world'

Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

user $ echo "alias sudo='sudo '" >> $HOME/.bashrc