The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.
Difference between revisions of "Package:Sudo"
Threesixes (talk | contribs) m (disabling root info) |
Threesixes (talk | contribs) m (a bit better, needs individual commands saving what i've got so far) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 4: | Line 4: | ||
|Homepage=http://www.sudo.ws/ | |Homepage=http://www.sudo.ws/ | ||
}} | }} | ||
{{PageNeedsUpdates}} | |||
sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment. | sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment. | ||
Line 11: | Line 12: | ||
==== Configuration ==== | ==== Configuration ==== | ||
===== | ===== /etc/sudoers.d/ ===== | ||
Instead of editing {{f|/etc/sudoers}}, you may drop individual configuration files into the {{f|/etc/sudoers.d/}} directory | |||
{{ | ===== Passwordless Sudoer ===== | ||
The sudo configuration file is located @ {{f|/etc/sudoers}}. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use {{c|visudo}} to edit {{f|/etc/sudoers}}. | |||
{{Console|body=$##i## su -c 'nano /etc/sudoers'}} | |||
{{file|name=/etc/sudoers|lang=|desc=uncomment wheel group no password sudo|body= | |||
%wheel ALL=(ALL) NOPASSWD: ALL | %wheel ALL=(ALL) NOPASSWD: ALL | ||
}} | |||
Add your user to the wheel group to enable sudo: | Add your user to the wheel group to enable sudo: | ||
Line 31: | Line 35: | ||
To better secure a system, one may desire to disable root logins by password. | To better secure a system, one may desire to disable root logins by password. | ||
{{console|body= | {{console|body= $##i## sudo passwd -ld root}} | ||
to access root: | to access root: | ||
Line 44: | Line 48: | ||
{{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}} | {{console|body=$##i## echo "complete -cf sudo" >> $HOME/.bashrc}} | ||
==== Passing Environment Variables ==== | |||
To pass environment variables to the temporary root use the -E flag. | |||
{{console|body=$##i## sudo -E echo 'hello world'}} | |||
==== Passing Aliases ==== | |||
If your user has aliases you wish to use under sudo you must alias sudo with a space first: | |||
{{console|body=$##i## echo "alias sudo='sudo '" >> $HOME/.bashrc}} | |||
{{EbuildFooter}} | {{EbuildFooter}} |
Latest revision as of 05:38, January 25, 2015
Sudo
We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.
sudo allows privilege escalation for non root users to perform restricted actions while in a locked down user environment.
Emerge
root # emerge sudo
Configuration
/etc/sudoers.d/
Instead of editing /etc/sudoers
, you may drop individual configuration files into the /etc/sudoers.d/
directory
Passwordless Sudoer
The sudo configuration file is located @ /etc/sudoers
. When editing this file be very careful to not introduce syntax errors. Several other linux distributions use visudo
to edit /etc/sudoers
.
user $ su -c 'nano /etc/sudoers'
/etc/sudoers
- uncomment wheel group no password sudo%wheel ALL=(ALL) NOPASSWD: ALL
Add your user to the wheel group to enable sudo:
user $ su -c 'gpasswd -a $USER wheel'
Either log out, and in again or restart:
user $ su -c 'shutdown -r now'
Disabling Root Access By Password
To better secure a system, one may desire to disable root logins by password.
user $ sudo passwd -ld root
to access root:
user $ sudo su
Root can also be accessed by logging in via ssh keys, or as a restricted user then sudo su as above.
Bash Completion
Users that want bash completion with sudo need to run this once.
user $ echo "complete -cf sudo" >> $HOME/.bashrc
Passing Environment Variables
To pass environment variables to the temporary root use the -E flag.
user $ sudo -E echo 'hello world'
Passing Aliases
If your user has aliases you wish to use under sudo you must alias sudo with a space first:
user $ echo "alias sudo='sudo '" >> $HOME/.bashrc