sudo - suck it up and do as ordered


Usually I run openSuSE distro and I use the command sudo a lot but if you use Ubuntu I’m sure that you’ve come across with it. It’s a great tool that will help you keep up you server/laptop safe an secure.

Secure because you’ll always know who executed what. Every sudo command line is recorded in /var/log/messages.

Safe because it will protect the system from yourself (if you are the sysadmin or owner), and yes guys you all know that sometimes we are the biggest threat for the systems we run. Who never deleted the wrong dir? Who never changed the wrong file?

Well with sudo you may avoid these hassles by limiting your permissions while doing administrative tasks. If you ALWAYS use a regular user on the server/laptop and just jump to root  when need you may avoid much trouble, but if you use just the command you wish with root permissions it will be even better.

To do this you may use the command sudo, lets imagine you want to change a ip address from the command line using your own user:

sudo ifconfig eth0

After doing the command you’ll see that it will ask the root passwd and voilá… it’s done.

But now imagine that it is your own laptop and you don’t want to put the root passwd all the time. After all if you are the laptop owner and you have a strong passwd it should be enough (now I’ll have a thousand replies by people telling this isn’t that secure, but just remember it’s your own machine, and your user as a nice and powerful passwd) you may want to change that sudo behavior so it doesn’t requests your passwd all the time.

To do this you’ll use the command visudo

and add a line like this:

your_username_goes_here  ALL=(ALL) NOPASSWD:ALL

You may find more information here

Cheers and see you next time