Difference between revisions of "Package:Sudo"

m (updated to user sudo lock root to ensure that the user's got sudo)
m (a bit better, needs individual commands saving what i've got so far)
 
Line 12: Line 12:
  
 
==== Configuration ====
 
==== Configuration ====
===== Passwordless =====
+
===== /etc/sudoers.d/ =====
The sudo configuration file is located @ {{f|/etc/sudoers}}.
+
Instead of editing {{f|/etc/sudoers}}, you may drop individual configuration files into the {{f|/etc/sudoers.d/}} directory
  
{{Console|body=$##i## su -c 'nano /etc/sudoers'}}
+
===== Passwordless Sudoer =====
 +
The sudo configuration file is located @ {{f|/etc/sudoers}}.  When editing this file be very careful to not introduce syntax errors.  Several other linux distributions use {{c|visudo}} to edit {{f|/etc/sudoers}}.
  
Remove the # in the line....
+
{{Console|body=$##i## su -c 'nano /etc/sudoers'}}
  
 +
{{file|name=/etc/sudoers|lang=|desc=uncomment wheel group no password sudo|body=
 
%wheel ALL=(ALL) NOPASSWD: ALL
 
%wheel ALL=(ALL) NOPASSWD: ALL
 +
}}
  
 
Add your user to the wheel group to enable sudo:
 
Add your user to the wheel group to enable sudo:
Line 45: Line 48:
  
 
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
 
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
 +
 +
==== Passing Environment Variables ====
 +
To pass environment variables to the temporary root use the -E flag.
 +
{{console|body=$##i## sudo -E echo 'hello world'}}
 +
 +
==== Passing Aliases ====
 +
If your user has aliases you wish to use under sudo you must alias sudo with a space first:
 +
{{console|body=$##i## echo "alias sudo='sudo '" >> $HOME/.bashrc}}
  
 
{{EbuildFooter}}
 
{{EbuildFooter}}

Latest revision as of 05:38, January 25, 2015

app-admin/sudo


Source Repository:Gentoo Portage Tree
Homepage

Summary: Allows users or groups to run commands as other users

Use Flags

sendmail
Allow sudo to send emails with sendmail.
offensive
Let sudo print insults when the user types the wrong password.

News

Mgorny

CPU FLAGS X86

CPU_FLAGS_X86 are being introduced to group together USE flags managing CPU instruction sets.
31 January 2015 by Mgorny
Drobbins

Newsletter, Volume 1

Discussed: ati-drivers, GitHub integration, Funtoo on ARM, GNOME updates, Organizations, and two new devs.
27 January 2015 by Drobbins
Drobbins

New Media Mix-ins

Funtoo Linux now has new media mix-ins. Learn about them and how to use them.
11 January 2015 by Drobbins
View More News...

Sudo

Tip

This is a wiki page. To edit it, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

# emerge sudo


Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

$ su -c 'nano /etc/sudoers'


/etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

$ su -c 'gpasswd -a $USER wheel'


Either log out, and in again or restart:

$ su -c 'shutdown -r now'


Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

$ sudo passwd -ld root


to access root:

$ sudo su


Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

$ echo "complete -cf sudo" >> $HOME/.bashrc


Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

$ sudo -E echo 'hello world'


Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

$ echo "alias sudo='sudo '" >> $HOME/.bashrc