sudo

Sudo (short for substitute user do) is a command on Unix and Unix-like operating systems such as Linux or Mac OS X, which is used to start processes with the privileges of another user (for example, for the root user ), without whose password need to know. In contrast to the not sudo belonging below is adjustable, which commands can be executed. The permanent change of identity is also possible by sudo -s and sudo -i.

History

The first version was built around 1980 at the State University of New York at Buffalo, because it was recognized that many students needed commands that may be used by administrators actually, but posed no threat to the existing system. Bob Coggeshall and Cliff Spencer implemented the command on a VAX-11/750 under 4.1BSD. The original sudo command was 1983/84 developed for AT & T's Unix System V. 1991 wrote Dave bat and Jeff Nieusma a new version for the company " The Root Group". This version was later released under the GNU General Public License. Then based Todd Miller's " CU sudo ", which first appeared in 1994. In 1999, the prefix " CU ", who had served until then the distinction between the "Root Group " version deleted. Since version 1.6 no original code of this version is included more in the former CU sudo, which is available under a BSD license ..

Configuration

In the / etc / sudoers file specifies which users or groups are allowed to run certain programs with which rights. A simple variant is, for example:

This means that members of the group 'admin' can perform all commands with root privileges without having to enter their personal password. It is also certain commands are enabled as in the following example for the user user1:

Editing the sudoers should be allowed for safety reasons only by the superuser.

Alternative

Due to the function-related operation to control the execution of programs using sudo a reckless expansion of rights. Further techniques such as the assignment of individual rights to users are about Role Based Access Control and Mandatory Access Control.

Windows

There are implementations for Windows as sudowin and Surun that mimic the sudo mechanism partially.

The runas command on Windows 2000 or later allows you to start programs with the privileges of another user, but is not the same as sudo, but rather with the Unix su command: If runas must also unlike sudo to know the password of the account, the privileges to be used. The mechanism of User Account Control ( UAC) in Microsoft Windows Vista and Windows 7 is also not to be equated with sudo, since instead of the feasibility of files rights are assigned to resources.

ISC license su (Unix) University at Buffalo, The State University of New York BSD licenses Manpage List of Unix utilities Chown cp (Unix) df (Unix) ln (Unix) mkdir rm (Unix) rmdir shred (Unix) touch (Unix) cat (Unix) cut (Unix) head (Unix) sort (Unix) split (Unix) tail (Unix) tr (Unix) basename dirname du (Unix) expr nohup Printf format string Tee (command) test (Unix) True and false (commands) uname who (Unix) whoami
753680
de