|
|
Line 1: |
Line 1: |
| {{Ebuild | | {{Person |
| |Summary=Allows users or groups to run commands as other users | | |Geoloc=-8.705076734507147, 115.25946056877729 |
| |CatPkg=app-admin/sudo
| | |Blogs= |
| |Homepage=http://www.sudo.ws/ | |
| }} | | }} |
| {{PageNeedsUpdates}}
| |
|
| |
| sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.
| |
|
| |
| === Emerge ===
| |
| {{console|body=###i## emerge sudo}}
| |
|
| |
| ==== Configuration ====
| |
| ===== /etc/sudoers.d/ =====
| |
| Instead of editing {{f|/etc/sudoers}}, you may drop individual configuration files into the {{f|/etc/sudoers.d/}} directory
| |
|
| |
| ===== Passwordless Sudoer =====
| |
| The sudo configuration file is located @ {{f|/etc/sudoers}}. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use {{c|visudo}} to edit {{f|/etc/sudoers}}.
| |
|
| |
| {{Console|body=$##i## su -c 'nano /etc/sudoers'}}
| |
|
| |
| {{file|name=/etc/sudoers|lang=|desc=uncomment wheel group no password sudo|body=
| |
| %wheel ALL=(ALL) NOPASSWD: ALL
| |
| }}
| |
|
| |
| Add your user to the wheel group to enable sudo:
| |
|
| |
| {{Console|body=$##i## su -c 'gpasswd -a $USER wheel'}}
| |
|
| |
| Either log out, and in again or restart:
| |
|
| |
| {{Console|body=$##i## su -c 'shutdown -r now'}}
| |
|
| |
| ===== Disabling Root Access By Password =====
| |
| To better secure a system, one may desire to disable root logins by password.
| |
|
| |
| {{console|body= $##i## sudo passwd -ld root}}
| |
|
| |
| to access root:
| |
|
| |
| {{Console|body= $##i## sudo su}}
| |
|
| |
| Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.
| |
|
| |
| ====Bash Completion====
| |
|
| |
| Users that want bash completion with sudo need to run this once.
| |
|
| |
| {{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
| |
|
| |
| ==== Passing Environment Variables ====
| |
| To pass environment variables to the temporary root use the -E flag.
| |
| {{console|body=$##i## sudo -E echo 'hello world'}}
| |
|
| |
| ==== Passing Aliases ====
| |
| If your user has aliases you wish to use under sudo you must alias sudo with a space first:
| |
| {{console|body=$##i## echo "alias sudo='sudo '" >> $HOME/.bashrc}}
| |
|
| |
| {{EbuildFooter}}
| |