Linux Today: Linux News On Internet Time.

Linux.com: Delegating Limited Superuser Access with Sudo

Jun 30, 2000, 12:07 (0 Talkback[s])
(Other stories by Kapil Sharma)

"As your network grows, so will your range of responsibilities. At some stage, a system administrator may want to delegate limited responsibilities to other users. Sudo is a special package for this purpose. Instead of giving your root password to other users or changing numerous programs as set uid root (to run as the root user), you can use sudo (which stands for "superuser do") to allow them to run certain commands as the super user (or as another user). Sudo allows you to strictly limit which users can invoke it and what command they can execute."

"All the settings for sudo have to be specified in the file /etc/sudoers. Users enter sudo mode by issuing this command:
$sudo [command]"

"Sudo then demands a password and it checks the configuration file (/etc/sudoers) to make sure you have "sudo" permission to run that command on that particular machine. If the user provides the correct password and has access to execute that command, then the command will be executed. Otherwise, sudo logs the access attempt. Once you are authenticated by sudo, you can use execute multiple commands without being prompted for your password again. This "ticket" will expire five minutes after the last time you use the sudo command."

Complete Story

Related Stories: