Server Fault
Server Fault

Questions tagged [sudo]

sudo is a tool which allows users to run commands with elevated privileges as root. Users authenticate using the credentials of their own account. Accounts that are authorized to run sudo are configured in /etc/sudoers.

sudo is a tool which allows users to run commands with elevated privileges as the root account or equivalent. Users authenticate using the credentials of their own account. Accounts that are authorized to run sudo are configured in /etc/sudoers.

911 questions
222
votes
10 answers

How to setup passwordless `sudo` on Linux?

How can passwordless sudo access be setup on either RHEL (Fedora, CentOS, etc) or Ubuntu distributions? (If it's the same across distros, that's even better!) Setting: personal and/or lab/training equipment with no concern for unauthorized access…
warren
  • 19,297
201
votes
11 answers

ssh-agent forwarding and sudo to another user

If I have a server A into which I can login with my ssh key and I have the ability to "sudo su - otheruser", I lose key forwarding, because the env variables are removed and the socket is only readable by my original user. Is there a way I can…
Florian Schulze
180
votes
8 answers

Sudo as different user and running screen

Found out today that running screen as a different user that I sudo into won't work! i.e. ssh bob@server # ssh into server as bob sudo su "monitor" - screen # fails: Cannot open your terminal '/dev/pts/0' I have a script…
sdot257
  • 3,079
133
votes
18 answers

Why does sudo command take long to execute?

I've been picking up Linux (Fedora 10, then 11) over the past few months (and enjoying it immensely-- it's like discovering computers all over again, so many things to learn). I've added my user to the last line of the /etc/sudoers file as shown…
Cuga
  • 101
124
votes
9 answers

How can I implement ansible with per-host passwords, securely?

I would like to use ansible to manage a group of existing servers. I have created an ansible_hosts file, and tested successfully (with the -K option) with commands that only target a single host ansible -i ansible_hosts host1 --sudo -K # + commands…
supervacuo
  • 1,443
83
votes
13 answers

How can I run arbitrarily complex command using sudo over ssh?

I have a system that I can only log in to under my username (myuser), but I need to run commands as other user (scriptuser). So far, I have come up with the following to run the commands I need: ssh -tq myuser@hostname "sudo -u scriptuser bash -c…
VoY
  • 1,295
  • 2
  • 11
  • 9
83
votes
7 answers

Log all commands run by admins on production servers

It is company policy for admins to login to the servers via a personal username, and then run sudo -i to become root. Upon running sudo -i, sudo will create an environmental variable called SUDO_USER, which contains the original user's username. Is…
Soviero
  • 4,426
82
votes
2 answers

sudoers: how to disable requiretty per user

I don't want to comment out the line in /etc/sudoers: Defaults requiretty Instead, I only want a certain user not to require a tty. How can this be done?
user27451
  • 1,201
76
votes
4 answers

How can I allow one user to su to another without allowing root access?

I'd like to allow certain users to su to another user account without having to know that account's password, but not allow access to any other user account (i.e. root). For instance, I'd like to allow Tom the DBA to su to the oracle user, but not…
gharper
  • 5,535
65
votes
9 answers

Is it OK to set up passwordless `sudo` on a cloud server?

I love the idea of accessing servers via keys, so that I don't have to type in my password every time I ssh into a box, I even lock my user's (not root) password (passwd -l username) so it's impossible to log in without a key. But all of this…
Dmitry Pashkevich
  • 733
61
votes
11 answers

how to use xauth to run graphical application via other user on linux

My regular user account is, let's say, user1. I created separate user2 for some x application that i would like to run while being logged into x as user1 but in a way that will prevent it from read/write access to user1 data. I thought that i could…
Phil
  • 2,119
60
votes
1 answer

What's the difference between sudo su - postgres and sudo -u postgres?

PostgreSQL users peer authentication on unix sockets by default, where the unix user must be the same as the PostgreSQL user. So people frequently use su or sudo to become the postgres superuser. I often see people using constructs like: sudo su -…
Craig Ringer
  • 11,525
54
votes
2 answers

Why do I have to edit /etc/sudoers with visudo?

I've noticed that the sudoers file and cron config files act in a special way compared to other config files on Linux. They need to be edited with a special wrapper rather than any text editor. Why is this?
Brian Lyttle
  • 1,787
53
votes
7 answers

How do I sudo over sshfs?

On my local host alpha I have a directory foo that is mapped via sshfs to host bravo as follows: $ sshfs charlie@bravo:/home/charlie ~/foo However, on host bravo there is another user, delta, that I want to sudo /bin/su as, so that I can do work in…
dirtside
  • 1,723
51
votes
4 answers

Linux: set up for remote sysadmin

Every now and then I get the odd request to provide remote support, troubleshooting and/or performance tuning on Linux systems. Larger companies often already have well established procedures to provide remote access to vendors/suppliers and I only…
HBruijn
  • 84,206
  • 24
  • 145
  • 224
1
2 3
60 61