注意:

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Package:Sudo"

From Funtoo
Jump to navigation Jump to search
(initial commit)
 
m (a bit better, needs individual commands saving what i've got so far)
 
(6 intermediate revisions by 2 users not shown)
Line 4: Line 4:
|Homepage=http://www.sudo.ws/
|Homepage=http://www.sudo.ws/
}}
}}
blah blah blah
{{PageNeedsUpdates}}
 
sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.
 
=== Emerge ===
{{console|body=###i## emerge sudo}}
 
==== Configuration ====
===== /etc/sudoers.d/ =====
Instead of editing {{f|/etc/sudoers}}, you may drop individual configuration files into the {{f|/etc/sudoers.d/}} directory
 
===== Passwordless Sudoer =====
The sudo configuration file is located @ {{f|/etc/sudoers}}.  When editing this file be very careful to not introduce syntax errors.  Several other linux distributions use {{c|visudo}} to edit {{f|/etc/sudoers}}.
 
{{Console|body=$##i## su -c 'nano /etc/sudoers'}}
 
{{file|name=/etc/sudoers|lang=|desc=uncomment wheel group no password sudo|body=
%wheel ALL=(ALL) NOPASSWD: ALL
}}
 
Add your user to the wheel group to enable sudo:
 
{{Console|body=$##i## su -c 'gpasswd -a $USER wheel'}}
 
Either log out, and in again or restart:
 
{{Console|body=$##i## su -c 'shutdown -r now'}}
 
===== Disabling Root Access By Password =====
To better secure a system, one may desire to disable root logins by password.
 
{{console|body= $##i## sudo passwd -ld root}}
 
to access root:
 
{{Console|body= $##i## sudo su}}
 
Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.
 
====Bash Completion====
 
Users that want bash completion with sudo need to run this once.
 
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
 
==== Passing Environment Variables ====
To pass environment variables to the temporary root use the -E flag.
{{console|body=$##i## sudo -E echo 'hello world'}}
 
==== Passing Aliases ====
If your user has aliases you wish to use under sudo you must alias sudo with a space first:
{{console|body=$##i## echo "alias sudo='sudo '" >> $HOME/.bashrc}}
 
{{EbuildFooter}}
{{EbuildFooter}}

Latest revision as of 05:38, January 25, 2015

Sudo

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

root # emerge sudo

Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

user $ su -c 'nano /etc/sudoers'
   /etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

user $ su -c 'gpasswd -a $USER wheel'

Either log out, and in again or restart:

user $ su -c 'shutdown -r now'
Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

user $ sudo passwd -ld root

to access root:

user $ sudo su

Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

user $ echo "complete -cf sudo" >> $HOME/.bashrc

Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

user $ sudo -E echo 'hello world'

Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

user $ echo "alias sudo='sudo '" >> $HOME/.bashrc