Sudo

Revision as of 05:38, January 25, 2015 by Threesixes (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

app-admin/sudo


Source Repository:Gentoo Portage Tree
Homepage

Summary: Allows users or groups to run commands as other users

Use Flags

sendmail
Allow sudo to send emails with sendmail.
offensive
Let sudo print insults when the user types the wrong password.

News

Drobbins

Pre-built kernels!

Funtoo stage3's are now starting to offer pre-built kernels for ease of install. read more....
12 May 2015 by Drobbins
Drobbins

Better Experiences: Ego and Vim

Info on Funtoo's new personality tool called 'ego', and user-focused updates to vim's defaults.
27 April 2015 by Drobbins
Drobbins

How We're Keeping You At the Center of the Funtoo Universe

Read about recent developments that keep you, our users, at the forefront of our focus as Funtoo moves forward.
10 April 2015 by Drobbins
View More News...

Sudo

Tip

This is a wiki page. To edit it, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

# emerge sudo


Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

$ su -c 'nano /etc/sudoers'


/etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

$ su -c 'gpasswd -a $USER wheel'


Either log out, and in again or restart:

$ su -c 'shutdown -r now'


Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

$ sudo passwd -ld root


to access root:

$ sudo su


Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

$ echo "complete -cf sudo" >> $HOME/.bashrc


Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

$ sudo -E echo 'hello world'


Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

$ echo "alias sudo='sudo '" >> $HOME/.bashrc