Sudo

sudo

sudo in a terminal
Developed by	Todd C. Miller
Latest release	1.6.9p18 / November 14, 2008
Preview release	1.7.0rc5 / November 11, 2008
OS	Unix-like
Type	Privilege authorization
License	ISC-style[1]
Website	http://www.sudo.ws/

The sudo (super user do, officially pronounced /ˈsuːduː/,^[2] though /ˈsuːdoʊ/ is also common) command is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user (normally the superuser, aka. root). It is much like the "Administrator" status on Windows systems. By default, sudo will prompt for a user password but it may be configured to require the root password or no password at all.^[3] sudo is able to log each command run and in some cases has completely supplanted the superuser login for administrative tasks, most notably in Ubuntu Linux and Apple's Mac OS X.^[4][5]

The program was originally written by Bob Coggeshall and Cliff Spencer "around 1980" at the Department of Computer Science at SUNY/Buffalo. The current version is under active development and is maintained by OpenBSD developer Todd C. Miller and distributed under a BSD-style license.^[6]

Contents 1 Design 2 See also 3 References 4 External links

Design

Before running a command with sudo, users typically supply their password. Once authenticated, and if the /etc/sudoers configuration file permits the user access, then the command is run. There exist several graphical frontends for use in a GUI environment, notably kdesu, kdesudo and gksudo; Mac OS X also has the "authorization services", a GUI equivalent to sudo. By default, the user's password will be retained for fifteen minutes^[7], allowing the user to execute several successive commands as root without having to provide his or her password multiple times.

The following is an example where the user is denied access:

snorri@rimu:~$ sudo vi /etc/resolv.conf

 We trust you have received the usual lecture from the local System
 Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

 Password:
 snorri is not in the sudoers file.  This incident will be reported.
 snorri@rimu:~$

Below is the log of this failed attempt, then a later successful one, after snorri has been added to /etc/sudoers:

snorri@rimu:~$ sudo tail /var/log/auth.log
 Aug  5 06:00:28 localhost sudo:    snorri : user NOT in sudoers ; TTY=pts/1 ; PWD =/home/snorri ; USER=root ; COMMAND=/usr/bin/vi /etc/resolv.conf
 Aug  5 06:01:15 localhost su[15573]: (pam_unix) session opened for user root by snorri(uid=1000)
 Aug  5 06:02:09 localhost sudo:    snorri : TTY=pts/1 ; PWD=/home/snorri ; USER=root ; COMMAND=/usr/bin/vi /etc/resolv.conf
 Aug  5 06:02:49 localhost sudo:    snorri : TTY=pts/1 ; PWD=/home/snorri ; USER=root ; COMMAND=/usr/bin/tail /var/log/auth.log

See also

• Comparison of privilege authorization features
• setuid
• su
• Sudosh
• sysctl
• User Account Control
• runas

References

External links

• The sudo homepage
• rootsh and sudosh, sudo wrappers for logging
• Sudo Fun, a brief guide to sudo on the mac

v • d • e Unix command line programs and builtins (more) File system cat · cd · chmod · chown · chgrp · cksum · cmp · cp · du · df · file · fsck · fuser · ln · ls · lsattr · lsof · mkdir · mount · mv · pwd · rm · rmdir · split · touch Processes at · chroot · cron · exit · kill · killall · nice · pgrep · pidof · pkill · ps · pstree · sleep · time · top · wait · watch User environment env · finger · id · logname · mesg · passwd · su · sudo · uname · uptime · w · wall · who · whoami · write Text processing awk · comm · cut · ed · ex · fmt · head · iconv · join · less · more · paste · sed · sort · tac · tail · tr · uniq · wc · xargs Shell programming alias · basename · echo · expr · false · printf · test · true · unset Networking inetd · netstat · ping · rlogin · netcat · traceroute Searching find · grep · strings Miscellaneous banner · bc · cal · clear · date · dd · lp · man · size · tee · tput · yes · umask

---

No comments have been added.

Your name:
City:
Country:	USA UK India Pakistan UAE Saudi Arabia Germany Afghanistan Albania Algeria Andorra Angola Antigua Barbuda Argentina Armenia Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bhutan Bolivia Bosnia Herzegovina Botswana Brazil Brunei Bulgaria Burkina Faso Burma Burund Cambodia Cameroon Canada Central African Rep Chad Chile China Columbia Comoros Congo Costa Rica Croatia Cuba Cyprus Czech Republic DR Congo Denmark Djiboutil Dominica Dominican Rep Ecuador Egypt El Salvador Eq Guinea Eritrea Estonia Ethiopia Fiji Finland France Gabon Gambia Georgia Germany Ghana Greece Grenada Grenadines Guatemala Guinea Bissau Guinea Guyana Haiti Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Israel Italy Ivory Coast Jamaica Japan Jordan Kazakhstan Kenya Kiribati Kuwait Kyrgyzstan Laos Latvia Lebanon Liberia Libya Liechtenstein Lithuania Luxembourg Macedonia Macau Madagascar Malawi Malaysia Maldives Mali Malta Mauritania Mauritius Mexico Micronesia Moldova Monaco Mongolia Morocco Mozambique Namibia Nauru Nepal Neth Antilles Netherlands New Zealand Nicaragua Niger Nigeria North Korea Norway Oman Pakistan Panama Papua New Guinea Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Rawanda Romania Russia Sao Tome Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Korea South Africa Spain Sri Lanka St Kitts_Nevis St Lucia Sudan Suriname Sweden Switzerland Syria Taiwan Tajikistan Tanzania Thailand Togo Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Tuvala UAE Uganda Ukraine Uruguay Uzbekistan Vanuatu Venezuela Vietnam Western Samoa Yemen Yugoslavia Zaire Zambia Zimbabwe
Your comments:
Security check * (Please enter the number into adjoining box)