SUDO Users

What is  Sudo ? Explain its responsiblities .

Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and arguments. Using sudo, a system administrator can:

  • Give some users (or groups of users) the ability to run some (or all) commands at the root level of system operation
  • Control which commands a user can use on each host
  • See clearly from a log which users used which commands
  • Using timestamp files, control the amount of time a user has to enter commands after they have entered their password and been granted appropriate privileges

Sudo access allows a user to execute all permitted commands as root or as any other user. Once the sudo access is given to a specific user in sudoers file, that user can execute the commands as root by executing it using the prefix sudo. This user has full system access and should be used only for administrative tasks. There are basically no restrictions on what you can do to your system.

What is the sudoers file and how sudo command works?

The /etc/sudoers file controls who can run what commands as what users on what machines and can also control special things such as whether you need a password for particular commands. When you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo. If the new user will be a primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

That is, if sudo access is provided to the user sam, he can list the files under the protected folder /root as follows.

$ sudo ls /root

It will ask for the password to enter (user sam’s password and not root password). Once you are authenticated, a timestamp will be set and you can execute sudo command without password for a short period of time (5 minutes by default) after which the timestamp get reset.

Add user for sudo access in /etc/sudoers file

To give users access to the sudo command, we need to use the visudo command to edit /etc/sudoers file. You should never edit this file with a normal text editor but always use the visudo command instead. If you have not assigned additional privileges to any user yet, you will need to be logged in as root to access this command

# visudo

This will lock the sudoers file to prevent simultaneous modification and will not save the changes in the file in case of any syntax errors. You will be taken into a text editor session with the file that defines sudo privileges pre-loaded. 

Leave Comment

Important Topics

Features of Unix
Block Diagram of Unix System
Architecture of Unix Operating System
Linux Operating System
Linux Vs Unix
Unix vs Windows
Shell and types of Shell
Advantages and disadvantages of Unix
Unix File System
Types of File
Daemon Process
Process Life Cycle
Fork System Call
Piping in Unix
Users and types of Users
User Management Systems
SUDO Users
Basic Shell Commands in Linux