Sudo

Revision as of 05:38, January 25, 2015 by Threesixes (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

app-admin/sudo


Source Repository:Gentoo Portage Tree
Homepage

Summary: Allows users or groups to run commands as other users

Use Flags

sendmail
Allow sudo to send emails with sendmail.
offensive
Let sudo print insults when the user types the wrong password.

News

Drobbins

Newsletter, Volume 1

Discussed: ati-drivers, GitHub integration, Funtoo on ARM, GNOME updates, Organizations, and two new devs.
27 January 2015 by Drobbins
Drobbins

New Media Mix-ins

Funtoo Linux now has new media mix-ins. Learn about them and how to use them.
11 January 2015 by Drobbins
Drobbins

The Many Builds of Funtoo Linux

We now have lots of different builds of Funtoo Linux for various CPUs, as well as Hardened, Stable and ARM, and a new UI to browse them. Learn more here.
25 December 2014 by Drobbins
View More News...

Sudo

Tip

This is a wiki page. To edit it, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

# emerge sudo


Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

$ su -c 'nano /etc/sudoers'


/etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

$ su -c 'gpasswd -a $USER wheel'


Either log out, and in again or restart:

$ su -c 'shutdown -r now'


Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

$ sudo passwd -ld root


to access root:

$ sudo su


Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

$ echo "complete -cf sudo" >> $HOME/.bashrc


Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

$ sudo -E echo 'hello world'


Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

$ echo "alias sudo='sudo '" >> $HOME/.bashrc