Sudo

From SlackWiki
Revision as of 23:31, 6 June 2009 by Erik (talk | contribs) (Copy from old)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Sudo is a program that lets a certain user run a program as root or another user. For instance say you want to let a user run
/usr/sbin/alsactl with root privilege , but not give them your root password? In sudo you can do this! First su into root and type:

visudo

You will now see a few example lines, Now first lets make the user "sandman1" be able to run alsactl as root:

sandman1   ALL = /usr/sbin/alsactl

Now of course you change the values of the following above. The first value "sandman1" is of course the username. the ALL
is the hostname, now you can actually put the real host name there , or you can allow a user to be on any host by adding
ALL. Now log into the user and type the following:

sudo /usr/sbin/alsactl

This command will ask you for a password, type YOURS in and not root and boom, you now can run /usr/sbin/alsactl as
root. With sudo you can also run programs as a different username besides root:

sandman1   192.168.0.2 = (test) /usr/sbin/alsactl

Now you noticed that I used an actual IP address in this example. (That is my local IP anyways) Now you noticed the
(test) that is the username that it will run as if i type the following command:

sudo -u test /usr/sbin/alsactl

Now the following example makes it so you do not have to type any password in:

%wheel   ALL = NOPASSWD: /usr/sbin/alsactl

The % symbolizes that wheel is not a user, but a group. Now if you are in the group wheel and type "sudo /usr/sbin/alsactl",
you will notice that it did not ask you for the password! Now all of this is great, but what happens when you have more
than 1 user that is not in the same group, but want to run the same command as root?

User_Alias GROUPOFUSERS = sandman1, sandy
GROUPOFUSERS   ALL = NOPASSWD: /usr/sbin/alsactl

Now the 2 users sandman1, and sandy can run /usr/sbin/alsactl as root! Now see how easy it is to add multiple users?
You can also add multiple Hosts as well:

Host_Alias SWEETHOST = 192.168.0.2, 192.168.0.3
sandman1   SWEETHOST = NOPASSWD: /usr/sbin/alsactl

Now you see how easy it is to setup multiple hosts? Now to find out what commands you can run using sudo just type the
following command:

sudo -l

That will list all the commands you are aloud to run! Now sudo is an easy tool and I hope you have a great time using it.