注意:

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Package:Sudo"

From Funtoo
Jump to navigation Jump to search
m (more importing)
m (a bit better, needs individual commands saving what i've got so far)
 
(4 intermediate revisions by 2 users not shown)
Line 4: Line 4:
|Homepage=http://www.sudo.ws/
|Homepage=http://www.sudo.ws/
}}
}}
{{PageNeedsUpdates}}


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.
sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.
Line 11: Line 12:


==== Configuration ====
==== Configuration ====
===== Passwordless =====
===== /etc/sudoers.d/ =====
The sudo configuration file is located @ {{f|/etc/sudoers}}.
Instead of editing {{f|/etc/sudoers}}, you may drop individual configuration files into the {{f|/etc/sudoers.d/}} directory


{{Console|body=$##i##su -c 'nano /etc/sudoers'}}
===== Passwordless Sudoer =====
The sudo configuration file is located @ {{f|/etc/sudoers}}.  When editing this file be very careful to not introduce syntax errors.  Several other linux distributions use {{c|visudo}} to edit {{f|/etc/sudoers}}.


Remove the # in the line....
{{Console|body=$##i## su -c 'nano /etc/sudoers'}}


{{file|name=/etc/sudoers|lang=|desc=uncomment wheel group no password sudo|body=
%wheel ALL=(ALL) NOPASSWD: ALL
%wheel ALL=(ALL) NOPASSWD: ALL
}}


Add your user to the wheel group to enable sudo:
Add your user to the wheel group to enable sudo:
Line 27: Line 31:


{{Console|body=$##i## su -c 'shutdown -r now'}}
{{Console|body=$##i## su -c 'shutdown -r now'}}
===== Disabling Root Access By Password =====
To better secure a system, one may desire to disable root logins by password.
{{console|body= $##i## sudo passwd -ld root}}
to access root:
{{Console|body= $##i## sudo su}}
Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.


====Bash Completion====
====Bash Completion====
Line 33: Line 48:


{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}}
==== Passing Environment Variables ====
To pass environment variables to the temporary root use the -E flag.
{{console|body=$##i## sudo -E echo 'hello world'}}
==== Passing Aliases ====
If your user has aliases you wish to use under sudo you must alias sudo with a space first:
{{console|body=$##i## echo "alias sudo='sudo '" >> $HOME/.bashrc}}


{{EbuildFooter}}
{{EbuildFooter}}

Latest revision as of 05:38, January 25, 2015

Sudo

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.


sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.

Emerge

root # emerge sudo

Configuration

/etc/sudoers.d/

Instead of editing /etc/sudoers, you may drop individual configuration files into the /etc/sudoers.d/ directory

Passwordless Sudoer

The sudo configuration file is located @ /etc/sudoers. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo to edit /etc/sudoers.

user $ su -c 'nano /etc/sudoers'
   /etc/sudoers - uncomment wheel group no password sudo
%wheel ALL=(ALL) NOPASSWD: ALL

Add your user to the wheel group to enable sudo:

user $ su -c 'gpasswd -a $USER wheel'

Either log out, and in again or restart:

user $ su -c 'shutdown -r now'
Disabling Root Access By Password

To better secure a system, one may desire to disable root logins by password.

user $ sudo passwd -ld root

to access root:

user $ sudo su

Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.

Bash Completion

Users that want bash completion with sudo need to run this once.

user $ echo "complete -cf sudo" >> $HOME/.bashrc

Passing Environment Variables

To pass environment variables to the temporary root use the -E flag.

user $ sudo -E echo 'hello world'

Passing Aliases

If your user has aliases you wish to use under sudo you must alias sudo with a space first:

user $ echo "alias sudo='sudo '" >> $HOME/.bashrc