Go to TogaWare.com Home Page. GNU/Linux Desktop Survival Guide
by Graham Williams
Duck Duck Go



CLICK HERE TO VISIT THE UPDATED SURVIVAL GUIDE

SUDO: Root Access

The sudo package allows a normal user to execute commands as root in a controlled manner.

Debian's sudo package has the password timeout set to 15 minutes. This means that when you first enter your password, as long as you don't wait more than 15 minutes between sudo commands, you won't have to enter it again. The password timeout can be immediately expired with sudo -k.

Debian's sudo is compiled with

  --with-exempt=sudo
  --with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:...
As a consequence, the PATH of the user is ignored except if the user is in group sudo.

Adding users to the group sudo allows those users to execute sudo without a password but this is strongly discouraged.

Sudo allows a fairly fine grain of control. Note that inclusions (lists of specific commands/paths allowed, rather than rejected) is preferable. But be careful granting root access to commands with shell escapes.


Support further development by purchasing the PDF version of the book.
Other online resources include the Data Science Desktop Survival Guide.
Books available on Amazon include Data Mining with Rattle and Essentials of Data Science.
Popular open source software includes rattle and wajig.
Hosted by Togaware, a pioneer of free and open source software since 1984.
Copyright © Togaware Pty Ltd. . Creative Commons ShareAlike V4.