Subject Unix and Shell Programming


SUDO Users

What is  Sudo ? Explain its responsiblities .

Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and arguments. Using sudo, a system administrator can:

  • Give some users (or groups of users) the ability to run some (or all) commands at the root level of system operation
  • Control which commands a user can use on each host
  • See clearly from a log which users used which commands
  • Using timestamp files, control the amount of time a user has to enter commands after they have entered their password and been granted appropriate privileges

Sudo access allows a user to execute all permitted commands as root or as any other user. Once the sudo access is given to a specific user in sudoers file, that user can execute the commands as root by executing it using the prefix sudo. This user has full system access and should be used only for administrative tasks. There are basically no restrictions on what you can do to your system.

What is the sudoers file and how sudo command works?

The /etc/sudoers file controls who can run what commands as what users on what machines and can also control special things such as whether you need a password for particular commands. When you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo. If the new user will be a primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

That is, if sudo access is provided to the user sam, he can list the files under the protected folder /root as follows.

$ sudo ls /root

It will ask for the password to enter (user sam’s password and not root password). Once you are authenticated, a timestamp will be set and you can execute sudo command without password for a short period of time (5 minutes by default) after which the timestamp get reset.

Add user for sudo access in /etc/sudoers file

To give users access to the sudo command, we need to use the visudo command to edit /etc/sudoers file. You should never edit this file with a normal text editor but always use the visudo command instead. If you have not assigned additional privileges to any user yet, you will need to be logged in as root to access this command

# visudo

This will lock the sudoers file to prevent simultaneous modification and will not save the changes in the file in case of any syntax errors. You will be taken into a text editor session with the file that defines sudo privileges pre-loaded. 

Leave Comment

Important Topics

 Title
Unix
Read
Features of Unix
Read
Block Diagram of Unix System
Read
Architecture of Unix Operating System
Read
Linux Operating System
Read
Linux Vs Unix
Read
Unix vs Windows
Read
Shell and types of Shell
Read
Kernal
Read
Advantages and disadvantages of Unix
Read
Unix File System
Read
Types of File
Read
Process
Read
Daemon Process
Read
Process Life Cycle
Read
Fork System Call
Read
Grep
Read
Piping in Unix
Read
Users and types of Users
Read
User Management Systems
Read
SUDO Users
Read
Basic Shell Commands in Linux
Read