Questions tagged [sudo]
sudo is a tool which allows users to run commands as another user (usually the root user)
892
questions
211
votes
8
answers
341k
views
How to setup passwordless `sudo` on Linux?
How can passwordless sudo access be setup on either RHEL (Fedora, CentOS, etc) or Ubuntu distributions? (If it's the same across distros, that's even better!)
Setting: personal and/or lab/training ...
194
votes
11
answers
107k
views
ssh-agent forwarding and sudo to another user
If I have a server A into which I can login with my ssh key and I have the ability to "sudo su - otheruser", I lose key forwarding, because the env variables are removed and the socket is only ...
180
votes
8
answers
95k
views
Sudo as different user and running screen
Found out today that running screen as a different user that I sudo into won't work!
i.e.
ssh bob@server # ssh into server as bob
sudo su "monitor" -
screen # fails: Cannot ...
125
votes
17
answers
148k
views
Why does sudo command take long to execute?
I've been picking up Linux (Fedora 10, then 11) over the past few months (and enjoying it immensely-- it's like discovering computers all over again, so many things to learn).
I've added my user to ...
123
votes
8
answers
55k
views
How can I implement ansible with per-host passwords, securely?
I would like to use ansible to manage a group of existing servers. I have created an ansible_hosts file, and tested successfully (with the -K option) with commands that only target a single host
...
83
votes
12
answers
68k
views
How can I run arbitrarily complex command using sudo over ssh?
I have a system that I can only log in to under my username (myuser), but I need to run commands as other user (scriptuser). So far, I have come up with the following to run the commands I need:
ssh -...
82
votes
7
answers
120k
views
Log all commands run by admins on production servers
It is company policy for admins to login to the servers via a personal username, and then run sudo -i to become root. Upon running sudo -i, sudo will create an environmental variable called SUDO_USER,...
80
votes
2
answers
136k
views
sudoers: how to disable requiretty per user
I don't want to comment out the line in /etc/sudoers:
Defaults requiretty
Instead, I only want a certain user not to require a tty.
How can this be done?
70
votes
4
answers
183k
views
How can I allow one user to su to another without allowing root access?
I'd like to allow certain users to su to another user account without having to know that account's password, but not allow access to any other user account (i.e. root).
For instance, I'd like to ...
63
votes
9
answers
13k
views
Is it OK to set up passwordless `sudo` on a cloud server?
I love the idea of accessing servers via keys, so that I don't have to type in my password every time I ssh into a box, I even lock my user's (not root) password (passwd -l username) so it's ...
59
votes
10
answers
245k
views
how to use xauth to run graphical application via other user on linux
My regular user account is, let's say, user1. I created separate user2 for some x application that i would like to run while being logged into x as user1 but in a way that will prevent it from read/...
56
votes
1
answer
166k
views
What's the difference between sudo su - postgres and sudo -u postgres?
PostgreSQL users peer authentication on unix sockets by default, where the unix user must be the same as the PostgreSQL user. So people frequently use su or sudo to become the postgres superuser.
I ...
54
votes
2
answers
10k
views
Why do I have to edit /etc/sudoers with visudo?
I've noticed that the sudoers file and cron config files act in a special way compared to other config files on Linux. They need to be edited with a special wrapper rather than any text editor. Why is ...
51
votes
4
answers
3k
views
Linux: set up for remote sysadmin
Every now and then I get the odd request to provide remote support, troubleshooting and/or performance tuning on Linux systems.
Larger companies often already have well established procedures to ...
49
votes
7
answers
27k
views
How do I sudo over sshfs?
On my local host alpha I have a directory foo that is mapped via sshfs to host bravo as follows:
$ sshfs charlie@bravo:/home/charlie ~/foo
However, on host bravo there is another user, delta, that I ...
45
votes
9
answers
100k
views
su not working on mac os x?
I get this:
Macintosh:8.4 TAmoyal$ su
Password:
su: Sorry
Macintosh:8.4 TAmoyal$
I typed in the password I use for sudo. Why won't this work?
Thanks!
42
votes
3
answers
175k
views
Running Ansible task as a specific user
I am trying to run a specific Ansible task as a different user than the one who is running the playbook. My .yml file looks like this:
---
- hosts: staging_servers
tasks:
- name: check ...
40
votes
1
answer
4k
views
Why can I update a file owned by root using sudo vi, but not append a line to it with sudo echo "Thing" >> file?
I would like to have script that is doing automated migrations of websites from another be able to append Includes to the /etc/httpd/conf.d/vhosts.conf file.
However, when I try to use echo to put ...
35
votes
9
answers
27k
views
How can I execute a bash function with sudo?
I have a bash function defined in a global bashrc, which requires root privileges to work. How can I run it with sudo, e.g. sudo myfunction. By default it gives an error:
sudo: myfunction: command ...
33
votes
10
answers
13k
views
Why su to root instead of logging in as root?
I've heard often that it is better to su to root rather than log in directly as the root user (and of course people also say that it's even better to use sudo). I've never really understood why one ...
32
votes
12
answers
21k
views
How to pass alias through sudo
I have an alias that passes in some parameters to a tool that I use often. Sometimes I run as myself, sometimes under sudo. Unfortunately, of course, sudo doesn't recognise the alias.
Does anyone ...
31
votes
7
answers
16k
views
Can a program tell it is being run under sudo?
I have a program that should behave differently if it is being run under "sudo". Is there a way it can find out if it was run under sudo?
Update: Someone asked why would I want to do this. In this ...
30
votes
7
answers
30k
views
Why do I not have syntax highlighting when I sudo vi <filename>?
I don't understand how to allow syntax highlighting in files I'm editing via vi when using sudo. When I sudo vi <filename> the terminal is only black & white of my terminal settings. In vi ...
30
votes
4
answers
9k
views
vim re-edit as root
I often open a file in vim, make some changes and when it's time to save the file is read-only.. (owned by another user). I'm looking for tips on how I could re-open the file
as root and keep my ...
30
votes
1
answer
27k
views
Changing the Sudo warning
The first time you try and sudo on a server you get the sudo warning;
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:
#1)...
27
votes
5
answers
5k
views
What are the actual benefits of assigning sudo privileges to a user instead of using root?
I am fairly new to server administration, and I have seen a lot of sites recommending to assign sudo privileges to a user created by the root user and giving the root user an insanely long password ...
27
votes
2
answers
46k
views
How can I allow all users to run a given command via sudo?
I know how to create a command which a given user can execute via sudo. I have a given command I want to allow any user to be able to execute via sudo without entering a password. What would I put in ...
27
votes
4
answers
24k
views
How do I list virsh networks without sudo?
I noticed a strange behavior on one machine using Debian that I can't reproduce on another machine running Ubuntu. When listing virsh networks as an ordinary user, it shows an empty list:
~$ virsh ...
26
votes
2
answers
44k
views
How does Amazon ec2-user get its sudo rights
I am looking for where the default Amazon AMI linux image sets up the privileges for the default ec2-user account.
After logging in with this account I can use sudo successfully. Checking via the ...
25
votes
2
answers
4k
views
Why does password entering work in a piped sudo command?
If I do:
sudo cat /etc/resolv.conf | less
It will prompt me for the password, even though less (presumably) takes stdin. Over what fd's is the password prompt shown and how does it get the input ...
23
votes
5
answers
6k
views
Temporarily increasing sudo's timeout for the duration of an install script
I'm trying to write a script that will install a bunch of software and I'd like to not have to run everything as root, so I'd like to be able to prompt for a password and then go about the install, ...
22
votes
8
answers
29k
views
Linux - use "su -" but keep the current directory
When I do su - to get to root, my current directory is set to root's home. Is there anyway to keep the current directory that I was in, much like sudo -s. Or is the answer to use sudo?
22
votes
2
answers
25k
views
How to grant sudo rights only to specific script files?
I would like a user to have sudo rights (without password check) to a couple of shell scripts under a specific directory (in my case, /usr/local/tomcat7/bin), and to nowhere else. What's the simplest ...
21
votes
5
answers
31k
views
`sudo echo "bla" >> /etc/sysctl.conf` permission denied
Disclaimer: I'm pretty novice at sysadmin stuff.
I'm trying to set up port forwarding in an AWS EC2 instance, this has to be done in the command-line because I don't want to go in and edit anything, ...
20
votes
9
answers
7k
views
root login or sudo user for server administration?
I'm trying to understand the technical arguments/security implications between ssh'ing with root directly, or making an auxiliary sudo user in the context of maintaining a server. To clarify, we're ...
20
votes
4
answers
16k
views
How can I use sudo to check if a file exists?
I want to check if a file exists like so
[ -f /path/to/file/ ]
However I am running this command as a regular user and the file is owned by root. How can I use sudo to accomplish this.
sudo [ -f /...
19
votes
2
answers
56k
views
sudo rejects password that is correct
sudo (Which I have configured to ask for a password) is rejecting my password (as if I mis-typed it) I am absolutely not typing it incorrectly. I have changed the password temporarily to alphabetic ...
18
votes
2
answers
10k
views
Sudo directive in /etc/sudoers.d doesn't work (but it's fine if it's in /etc/sudoers)
I wish to add a file to the /etc/sudoers.d folder that includes a directive to allow www-data to run one specific script with no root password.
The directive is
www-data ALL=(ALL) NOPASSWD: /path/to/...
16
votes
2
answers
8k
views
AWS - removing ec2-user from sudo list
I'm running a production-level Amazon ec2 instance, and I want to close out root privileges to all users. Normally, when one logs in to the instance as ec2-user, the ec2-user immediately gets sudo ...
15
votes
3
answers
20k
views
check admin rights inside python script
How to check that my python script is running under Administrator rights (sudo) under BSD-like OS? Need to display user-friendly warning in order it is executed without admin rights.
15
votes
2
answers
11k
views
sudo not working on certain commands
I have a rather weird problem with sudo on Debian 8. Users cannot execute some of commands in /etc/sudoers.d. I use Chef to distribute configurations, so all files are automatically generated.
...
15
votes
8
answers
25k
views
Every single time I use sudo it hangs before completing
Whether I get prompted for a password or not, it hangs between accepting the authentication and executing what I asked for. In other words sudo ls will hang for about 60 seconds.
I'm confused about ...
14
votes
4
answers
8k
views
Is it insecure to have an ansible user with passwordless sudo?
I'm new to Ansible. Most VPS provisioning guides I've seen so far do this:
disable root from logging in
create a new user who can only log in with ssh (not password)
add the new user to the wheel ...
14
votes
3
answers
21k
views
sudoers to execute commands as another user
I'd like to allow one of my users to execute commands as another user on my Ubuntu Lucid server.
I'm struggling with finding the syntax for the sudoers file to do this. Say I'm connecting to the box ...
14
votes
2
answers
30k
views
Using FreeIPA for centralized sudo - how to specify ALL commands?
I'm having a hard time wrapping my head around FreeIPA's model. The FreeIPA manual states:
FreeIPA adds an extra control measure with sudo command groups, which
allow a group of commands to be ...
14
votes
2
answers
4k
views
What is the difference between "sudo -i" and "sudo bash -l"
There is a recent question regarding multiple sysadmins working as root, and sudo bash -l was referenced.
I searched for this on google and SE, but I don't understand the difference between sudo ...
13
votes
5
answers
9k
views
Ubuntu: borked my sudoers file, how can I fix it?
I was editing my /etc/sudoers file and saved it but it has a syntax error in there. Now I can't sudo vim /etc/sudoers because sudo thinks the sudoers file is not valid.
How can I fix this?
13
votes
5
answers
51k
views
ubuntu: let a user run a script with root permissions
I have ubuntu 8.04 and I want to write a bash script that runs as root which every user can run.
I myself can do sudo.
How do I do that?
CLARIFICATION: I don't want to do it with sudo, because then ...
13
votes
4
answers
20k
views
Giving access of a set of commands to a non-root user without sudo
I want to give non-sudo access to a non-root user on my machine, there is a user dns-manager, his only role is to run all the BIND commands(rndc, dnssec-keygen) etc.
Now everytime he has to run a ...
13
votes
4
answers
4k
views
Save file after forgetting to open as root / sudo vi [duplicate]
Possible Duplicate:
vim re-edit as root
I could have sworn I saw this question asked. But after looking though every search result for "vi" I'm stumped/lazy.
I've opened a file, made an edit and ...