Setting Up sudo

From RidgeRun Developer Connection

(Difference between revisions)
Jump to:navigation, search
m (Created page with ' = Overview = Sudo allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and argu...')
m (Disabling password request)
Line 21: Line 21:
<pre>
<pre>
-
sudo $USER admin
+
sudo addgroup $USER admin
echo '%admin ALL=(ALL) NOPASSWD:ALL' | sudo tee --append /etc/sudoers
echo '%admin ALL=(ALL) NOPASSWD:ALL' | sudo tee --append /etc/sudoers
sudo cat /etc/sudoers
sudo cat /etc/sudoers

Revision as of 16:04, 4 November 2011

Overview

Sudo allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments.

The procedure described below creates security issues; thus should only be used on computers that are physically secure against unauthorized use.

More information about sudo can be found at http://www.gratisoft.us/sudo

Building SDK as root user

Don't do it, don't do it, don't do it. It is a very bad practice to do anything but limited sysadmin as the root user. Configure sudo instead.

Disabling password request

The default sudo configuration is to either block root access or require you to enter your password before sudo will run the command. You can change the configuration by adding yourself to the admin group and then modifing the sudoers file to allow anyone in the admin group to not having to enter a password when using sudo.

Be sure you know the root password before running the following commands. If your /etc/sudoers file gets corrupted, you will need to log in as root to repair the file.

Have a shell (terminal) window open and be looked in as your normal user (not root):

sudo addgroup $USER admin
echo '%admin ALL=(ALL) NOPASSWD:ALL' | sudo tee --append /etc/sudoers
sudo cat /etc/sudoers

Verify the contents at the end of /etc/sudoers looks reasonable. If you have more than one line starting with %admin, delete the lines that do not contain NOPASSWD.

Navigation
Toolbox