Difference between revisions of "Package:Sudo"

m (updated to user sudo lock root to ensure that the user's got sudo)
m (a bit better, needs individual commands saving what i've got so far)
 
Line 12: Line 12:
  
 
==== Configuration ====
 
==== Configuration ====
===== Passwordless =====
+
===== /etc/sudoers.d/ =====
The sudo configuration file is located @ {{f|/etc/sudoers}}.
+
Instead of editing {{f|/etc/sudoers}}, you may drop individual configuration files into the {{f|/etc/sudoers.d/}} directory
  
{{Console|body=$##i## su -c 'nano /etc/sudoers'}}
+
===== Passwordless Sudoer =====
 +
The sudo configuration file is located @ {{f|/etc/sudoers}}.  When editing this file be very careful to not introduce syntax errors.  Several other linux distributions use {{c|visudo}} to edit {{f|/etc/sudoers}}.
  
Remove the # in the line....
+
{{Console|body=$##i## su -c 'nano /etc/sudoers'}}
  
 +
{{file|name=/etc/sudoers|lang=|desc=uncomment wheel group no password sudo|body=
 
%wheel ALL=(ALL) NOPASSWD: ALL
 
%wheel ALL=(ALL) NOPASSWD: ALL
 +
}}
  
 
Add your user to the wheel group to enable sudo:
 
Add your user to the wheel group to enable sudo:
Line 45: Line 48:
  
 
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
 
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
 +
 +
==== Passing Environment Variables ====
 +
To pass environment variables to the temporary root use the -E flag.
 +
{{console|body=$##i## sudo -E echo 'hello world'}}
 +
 +
==== Passing Aliases ====
 +
If your user has aliases you wish to use under sudo you must alias sudo with a space first:
 +
{{console|body=$##i## echo "alias sudo='sudo '" >> $HOME/.bashrc}}
  
 
{{EbuildFooter}}
 
{{EbuildFooter}}

Latest revision as of 05:38, January 25, 2015

app-admin/sudo


Source Repository:Repository:Gentoo Portage Tree

http://www.sudo.ws/

Summary: Allows users or groups to run commands as other users

Use Flags

sendmail
Allow sudo to send emails with sendmail.
offensive
Let sudo print insults when the user types the wrong password.

News

Drobbins

IP Space Migration Continues

All Funtoo user containers in the 8.28 IP space will be moving into our new IP space (172.97) over the next few days. If you have DNS set up -- be sure to watch your container and update to the new IP! container.host.funtoo.org DNS will be updated after the move.
2015-08-27 by Drobbins
Drobbins

Funtoo Hosting IP Move

Funtoo user containers with IPs in the 72.18.x.x range will be gradually migrating to new IP addresses this week. If you have DNS entries for your containers, please be aware that your DNS will need to be updated.
2015-08-11 by Drobbins
Drobbins

New ARM Stages

New ARM Stages, built with a new toolchain, are now hitting mirrors. Existing ARM users should re-install using these stages (dated Aug 3, 2015 or later,) rather than upgrade using emerge.
2015-08-06 by Drobbins
More...

Sudo

Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

# emerge sudo


Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

$ su -c 'nano /etc/sudoers'


/etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

$ su -c 'gpasswd -a $USER wheel'


Either log out, and in again or restart:

$ su -c 'shutdown -r now'


Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

$ sudo passwd -ld root


to access root:

$ sudo su


Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

$ echo "complete -cf sudo" >> $HOME/.bashrc


Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

$ sudo -E echo 'hello world'


Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

$ echo "alias sudo='sudo '" >> $HOME/.bashrc