Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [sudo]

sudo - Execute a command with superuser privileges.

Sudo (superuser do) allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.

The configuration file for sudo is /etc/sudoers (as well as /etc/sudoers.d/* in recent versions). Best practice is to use the visudo command to edit /etc/sudoers. This utility safeguards the user by locking the file (preventing simultaneous edits) and checking for syntax errors before saving the file. It can also be used to edit files in the /etc/sudoers.d directory, by using its -f, --file= option e.g.,

sudo visudo -f /etc/sudoers.d/customisations

Further reading

2466 questions
244
votes
15 answers

How to run a specific program as root without a password prompt?

I need to run something as sudo without a password, so I used visudo and added this to my sudoers file: MYUSERNAME ALL = NOPASSWD: /path/to/my/program Then I tried it out: $ sudo /path/to/my/program [sudo] password for MYUSERNAME: Why does it ask…
LanceBaynes
  • 40,135
  • 97
  • 255
  • 351
151
votes
10 answers

Username is not in the sudoers file. This incident will be reported

I am running Ubuntu 12.04 on my laptop using VMware Player. I am not sure why but I have an account called "User Account" in addition to my account that I usually login to use Ubuntu. Well that was just a side comment but basically all I am trying…
fsolano94
  • 1,647
100
votes
2 answers

Why do we need to use visudo instead of directly modifying the sudoers file?

I understand that if you want to modify who can use sudo and what they can do with it that you should use visudo. I know I'm not supposed to directly modify the /etc/sudoers file myself. What is it that visudo does that directly modifying the file…
Dason
  • 1,102
82
votes
12 answers

Why do I have to use sudo for almost everything?

If I understand the Linux philosophy correctly, sudo should be used sparingly, and most operations should be performed as an under-privileged user. But that doesn't seem to make sense, since I'm always having to input sudo, whether I'm managing…
user139248
  • 845
64
votes
3 answers

Change default sudo password timeout

When I run sudo and enter my password, a subsequent invocation of sudo within a few minutes will not need the password to be re-entered. How can I change the default timeout to require the password again?
Tom Hale
  • 30,455
64
votes
2 answers

What is the proper sudoers syntax to add a user?

According to the comments in /etc/sudoers (Fedora 13): ## Syntax: ## ## user MACHINE=COMMANDS ## ## The COMMANDS section may have other options added to it. My two related questions: What does the ALL=(ALL) ALL mean in the following line: root…
Belmin Fernandez
  • 9,597
54
votes
5 answers

Why doesn't the sudo command need the root password?

I've been using Linux for a while now and whenever I typed sudo I thought I was switching over to the root user for a command. Apparently this is not true because all I need is my user account's password. I'm guessing since I haven't worked with…
EGHDK
  • 781
53
votes
2 answers

Why are the #include and #includedir directives in sudo prefixed with the pound (#) character

While setting up a sudo environment I noticed that the include directive is prefixed with the pound (#) character. Solaris shows this as: ## Read drop-in files from /etc/sudoers.d ## (the '#' here does not indicate a comment) #includedir…
Lambert
  • 12,680
49
votes
3 answers

How to disable requiretty for a single command in sudoers?

I want to disable requiretty so that I can sudo within scripts, but I'd rather only disable it for a single command rather than everything. Is that possible within the sudoers config?
artbristol
  • 642
49
votes
6 answers

How to set visudo to use a different editor than the default on Fedora?

Fedora 14 uses vi by default when one runs visudo. Is there a way to change this to something else?
tshepang
  • 65,642
49
votes
4 answers

How do I use command arguments with Cmnd_Alias in sudoers?

How do I specify command arguments in sudoers? As a background, aws command is actually a gateway to a whole bunch of sub-systems and I want to restrict the user to only run aws s3 cp ...any other args... When I try the following in…
Dinesh
  • 1,291
37
votes
8 answers

Set sudo password differently from login one

As a privileged user I am trying to set the sudo password to another then the one used at login. I have done some research but have not found an answer. Does sudo support that kind of configuration? If you ever lose your password, you lose…
Shâu Shắc
  • 948
  • 1
  • 10
  • 12
32
votes
4 answers

Allow user to run a command with arguments (which contains spaces)

I want to allow one user to run grep (through sudo), and to grep for one specific string in one specific file. I don't want to allow this user to be able to run grep on all files. The user doesn't have read access to the file, hence the requirement…
Amandasaurus
  • 1,256
28
votes
1 answer

What does "ALL ALL=(ALL) ALL" mean in sudoers?

If a server has the following in /etc/sudoers: Defaults targetpw ALL ALL=(ALL) ALL Then what does this mean? all the users can sudo to all the commands, only their password is needed?
LoukiosValentine79
  • 1,499
27
votes
3 answers

`/etc/sudoers` -- specify `env_keep` for one command only?

Is there any way to specify that sudo should preserve certain environment variables for specified commands only? For some purposes I'd like my $HOME env. variable preserved when I run certain commands. For other purposes and other commands, I want…
simon
  • 1,508
1
2 3
13 14