Difference between revisions of "Sudo"
Jump to navigation
Jump to search
↑ https://askubuntu.com/questions/192050/how-to-run-sudo-command-with-no-password
(→Errors) |
|||
(13 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | <code>[[wikipedia:sudo|sudo]]</code> is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user. | + | {{lowercase}} |
+ | <code>[[wikipedia:sudo|sudo]]</code> (1980s) is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user. | ||
+ | * Man page: https://man7.org/linux/man-pages/man8/sudo.8.html | ||
+ | == Examples == | ||
* Add user to sudo [[group]]: <code>sudo [[usermod]] '''-a'''G sudo YOUR_USERNAME</code> | * Add user to sudo [[group]]: <code>sudo [[usermod]] '''-a'''G sudo YOUR_USERNAME</code> | ||
+ | * <code>[[sudo -u postgres psql]]</code> | ||
== Task == | == Task == | ||
Line 27: | Line 31: | ||
== Options == | == Options == | ||
* <code>-S, --[[stdin]]</code> | * <code>-S, --[[stdin]]</code> | ||
+ | * <code>[[-u]]</code> | ||
+ | |||
+ | == Related terms == | ||
+ | * [[Qualys]] | ||
+ | * <code>[[sudoedit]]</code> | ||
+ | * <code>[[become_method]]</code> | ||
+ | * <code>[[SET SESSION AUTHORIZATION]]</code> | ||
+ | * [[gosu]] | ||
+ | * [[kubectl]] [[--as]] | ||
== See also == | == See also == | ||
* {{Linux Commands privileges}} | * {{Linux Commands privileges}} | ||
− | * [[journalctl]] | + | * [[journalctl]], [[machinectl]] |
+ | * {{become}} | ||
[[Category:Linux]] | [[Category:Linux]] | ||
[[Category:Linux commands]] | [[Category:Linux commands]] |
Latest revision as of 09:26, 2 November 2023
sudo
(1980s) is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user.
Examples[edit]
- Add user to sudo group:
sudo usermod -aG sudo YOUR_USERNAME
sudo -u postgres psql
Task[edit]
- Allow user YOUR_USER_NAME to run sudo commands without typing the password:
Include in /etc/sudoers
, using the visudo
command, the following line at the end of the file:
YOUR_USER_NAME ALL=(ALL) NOPASSWD:ALL
[1]
- Understand order rules are applied and impact: https://vim.fandom.com/wiki/Set_Vim_as_your_default_editor_for_Unix
- Use Ansible to modify file for passwordless sudo execution in Ubuntu
Security vulnerabilities[edit]
- CVE-2019-14287 https://nvd.nist.gov/vuln/detail/CVE-2019-14287, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287. CVSS Base Score: 8.8
Exploitable if the following configuration is present:
username hostname = (ALL, !root) path-to-command
Errors[edit]
sudo: unable to resolve host
See: resolv.conf
[sudo] password for USERNAME: USERNAME is not in the sudoers file. This incident will be reported.
Options[edit]
Related terms[edit]
See also[edit]
sudo
,id
,visudo
,useradd
,userdel
,usermod
,groups
,passwd
,chown
,chmod
,chgrp
,groupadd
,groupdel
, Passwordless sudo, passwd (package),sudo --help
- journalctl, machinectl
sudo, doas
, Polkit (pkexec
)
Advertising: