Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [sudo]

sudo is a tool which allows users to run commands as another user (usually the root user)

sudo allows users to run commands as another user. It is typically used to allow trusted users to run commands as root, without giving them root access, or to allow a user to run commands as another user. Both of these uses must be allowed by the root user.

877 questions
200
votes
8 answers

How to setup passwordless `sudo` on Linux?

How can passwordless sudo access be setup on either RHEL (Fedora, CentOS, etc) or Ubuntu distributions? (If it's the same across distros, that's even better!) Setting: personal and/or lab/training equipment with no concern for unauthorized access…
warren
  • 17,829
  • 23
  • 82
  • 134
187
votes
11 answers

ssh-agent forwarding and sudo to another user

If I have a server A into which I can login with my ssh key and I have the ability to "sudo su - otheruser", I lose key forwarding, because the env variables are removed and the socket is only readable by my original user. Is there a way I can…
Florian Schulze
179
votes
8 answers

Sudo as different user and running screen

Found out today that running screen as a different user that I sudo into won't work! i.e. ssh bob@server # ssh into server as bob sudo su "monitor" - screen # fails: Cannot open your terminal '/dev/pts/0' I have a script…
sdot257
  • 3,039
  • 5
  • 29
  • 38
120
votes
8 answers

How can I implement ansible with per-host passwords, securely?

I would like to use ansible to manage a group of existing servers. I have created an ansible_hosts file, and tested successfully (with the -K option) with commands that only target a single host ansible -i ansible_hosts host1 --sudo -K # + commands…
supervacuo
  • 1,403
  • 2
  • 11
  • 10
113
votes
17 answers

Why does sudo command take long to execute?

I've been picking up Linux (Fedora 10, then 11) over the past few months (and enjoying it immensely-- it's like discovering computers all over again, so many things to learn). I've added my user to the last line of the /etc/sudoers file as shown…
Cuga
  • 101
  • 3
  • 4
  • 11
83
votes
12 answers

How can I run arbitrarily complex command using sudo over ssh?

I have a system that I can only log in to under my username (myuser), but I need to run commands as other user (scriptuser). So far, I have come up with the following to run the commands I need: ssh -tq myuser@hostname "sudo -u scriptuser bash -c…
VoY
  • 1,265
  • 2
  • 11
  • 9
81
votes
7 answers

Log all commands run by admins on production servers

It is company policy for admins to login to the servers via a personal username, and then run sudo -i to become root. Upon running sudo -i, sudo will create an environmental variable called SUDO_USER, which contains the original user's username. Is…
Soviero
  • 4,306
  • 7
  • 34
  • 59
79
votes
2 answers

sudoers: how to disable requiretty per user

I don't want to comment out the line in /etc/sudoers: Defaults requiretty Instead, I only want a certain user not to require a tty. How can this be done?
user27451
  • 1,151
  • 2
  • 10
  • 14
67
votes
4 answers

How can I allow one user to su to another without allowing root access?

I'd like to allow certain users to su to another user account without having to know that account's password, but not allow access to any other user account (i.e. root). For instance, I'd like to allow Tom the DBA to su to the oracle user, but not…
gharper
  • 5,365
  • 4
  • 28
  • 34
61
votes
9 answers

Is it OK to set up passwordless `sudo` on a cloud server?

I love the idea of accessing servers via keys, so that I don't have to type in my password every time I ssh into a box, I even lock my user's (not root) password (passwd -l username) so it's impossible to log in without a key. But all of this…
Dmitry Pashkevich
  • 693
  • 1
  • 5
  • 11
58
votes
10 answers

how to use xauth to run graphical application via other user on linux

My regular user account is, let's say, user1. I created separate user2 for some x application that i would like to run while being logged into x as user1 but in a way that will prevent it from read/write access to user1 data. I thought that i could…
Phil
  • 1,839
  • 6
  • 27
  • 33
53
votes
2 answers

Why do I have to edit /etc/sudoers with visudo?

I've noticed that the sudoers file and cron config files act in a special way compared to other config files on Linux. They need to be edited with a special wrapper rather than any text editor. Why is this?
Brian Lyttle
  • 1,747
  • 1
  • 17
  • 17
51
votes
4 answers

Linux: set up for remote sysadmin

Every now and then I get the odd request to provide remote support, troubleshooting and/or performance tuning on Linux systems. Larger companies often already have well established procedures to provide remote access to vendors/suppliers and I only…
HBruijn
  • 72,524
  • 21
  • 127
  • 192
51
votes
1 answer

What's the difference between sudo su - postgres and sudo -u postgres?

PostgreSQL users peer authentication on unix sockets by default, where the unix user must be the same as the PostgreSQL user. So people frequently use su or sudo to become the postgres superuser. I often see people using constructs like: sudo su -…
Craig Ringer
  • 10,553
  • 9
  • 38
  • 59
46
votes
6 answers

How do I sudo over sshfs?

On my local host alpha I have a directory foo that is mapped via sshfs to host bravo as follows: $ sshfs charlie@bravo:/home/charlie ~/foo However, on host bravo there is another user, delta, that I want to sudo /bin/su as, so that I can do work in…
dirtside
  • 1,481
  • 4
  • 17
  • 22
1
2 3
58 59