Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions

  




 

 

SUDO: Root Access


The sudo package allows a normal user to execute commands as root in a controlled manner.

Debian's sudo package has the password timeout set to 15 minutes. This means that when you first enter your password, as long as you don't wait more than 15 minutes between sudo commands, you won't have to enter it again. The password timeout can be immediately expired with sudo -k.

Debian's sudo is compiled with

  --with-exempt=sudo
  --with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:...

As a consequence, the PATH of the user is ignored except if the user is in group sudo.

Adding users to the group sudo allows those users to execute sudo without a password but this is strongly discouraged.

Sudo allows a fairly fine grain of control. Note that inclusions (lists of specific commands/paths allowed, rather than rejected) is preferable. But be careful granting root access to commands with shell escapes.


Copyright © 1995-2006 [email protected]

 
 
  Published under the terms fo the GNU General Public License Design by Interspire