03-31-2014
That has nothing to do with sudo.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi I am trying to find out the best way to find out how long a command takes to run in miliseconds ..
Is there such a way of doing this in Unix ?
Thanks (3 Replies)
Discussion started by: cfoxwell
3 Replies
2. Shell Programming and Scripting
I understand that to find a type of file using command find I could do "find -type f -name \*.htm -print".
However, I wish to find all files BUT *.htm.
Can I negate the search somehow?
Again, I have peeked into the man files etc... If anyone has an answer, Thanks in Advance! (3 Replies)
Discussion started by: gsjf
3 Replies
3. Shell Programming and Scripting
The title says it all really. I am writing a shell script for a Linux box, and I have recently run into a problem. I need to make sure I am at a certain run level first.
Hence, the question. How can I find out what run level the box is currently running at?
Is there a system variable... (2 Replies)
Discussion started by: Scripting Newb
2 Replies
4. UNIX for Dummies Questions & Answers
ssh user@host -q -n 'grep `hostname` /etc/hosts; telnet 10.100.23.45 1234;'
When i run this command remotely it is hanging and not giving me the prompt, Can anyone tell me how can I exit a telnet command remotely please.
Thanks. (10 Replies)
Discussion started by: venu_nbk
10 Replies
5. Shell Programming and Scripting
If I run the following command remotely after ssh than it works fine
su - oracle -c "/oracle/product/102/db/bin/dbshut"
But If I run the following command it doesn't work
su - oracle -c "/oracle/product/102/db/bin/lsnrctl stop"
Because I think there is a space is present between lsnrctl and... (1 Reply)
Discussion started by: madhusmita
1 Replies
6. Shell Programming and Scripting
Dear all ,
I have a script. this script called get.sh and can get some solaris infomation and save the result as result.tar.gz.
the problem is : we have 12 servers. every time. I need to login 12 server and do the same job 12 times.:mad:
master server
... (2 Replies)
Discussion started by: chinesefish
2 Replies
7. Shell Programming and Scripting
Hi
I have the following script :
#!/bin/ksh
#################### Function macAddressFinder ########################
macAddressFinder()
{
`ifconfig -a > ipInterfaces`
`cat ipInterfaces`
}
#######################################################################
#
#
print... (2 Replies)
Discussion started by: presul
2 Replies
8. Shell Programming and Scripting
I'm trying to write a script that in the end will from one central location hop to a bunch of servers and then run a series of ping tests. The thing is, the list of devices that needs to be pinged is going to be different for each server. So what I want to do is be able to do is read through the... (0 Replies)
Discussion started by: DeCoTwc
0 Replies
9. UNIX for Advanced & Expert Users
First, forgive me if this is a stupid questions that I should have asked in the non-expert forum. It seems like a hard questions to me.
Is there a way to find the hardware model name from the command line on UNIX machines in general?
I want to find out what kind of machines are running at a... (5 Replies)
Discussion started by: Pug
5 Replies
10. Shell Programming and Scripting
I have this script in server2
# cat /root/yesno.sh
#!/bin/bash
read -p "are you sure?" -n 1 -r
if $ ]]; then
echo ""
echo "YES"
else
echo "NO"
fi
# sh /root/yesno.sh
are you sure?y
YES (5 Replies)
Discussion started by: anil510
5 Replies
LEARN ABOUT LINUX
sudo_root
sudo_root(8) System Manager's Manual sudo_root(8)
NAME
sudo_root - How to run administrative commands
SYNOPSIS
sudo command
sudo -i
INTRODUCTION
By default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
the installer will set up sudo to allow the user that is created during install to run all administrative commands.
This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use a graphical
sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.
To run a command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
sudo -i.
ALLOWING OTHER USERS TO RUN SUDO
By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo, you
have to add these users to the group 'admin' by doing one of the following steps:
* In a shell, do
sudo adduser username admin
* Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.
BENEFITS OF USING SUDO
The benefits of leaving root disabled by default include the following:
* Users do not have to remember an extra password, which they are likely to forget.
* The installer is able to ask fewer questions.
* It avoids the "I can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
which should make you think about the consequences of what you are doing.
* Sudo adds a log entry of the command(s) run (in /var/log/auth.log).
* Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
not know is what the usernames of your other users are.
* Allows easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
compromising the root account.
* sudo can be set up with a much more fine-grained security policy.
* On systems with more than one administrator using sudo avoids sharing a password amongst them.
DOWNSIDES OF USING SUDO
Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:
* Redirecting the output of commands run with sudo can be confusing at first. For instance consider
sudo ls > /root/somefile
will not work since it is the shell that tries to write to that file. You can use
ls | sudo tee /root/somefile
to get the behaviour you want.
* In a lot of office environments the ONLY local user on a system is root. All other users are imported using NSS techniques such as
nss-ldap. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
leave the system unusable. An extra local user, or an enabled root password is needed here.
GOING BACK TO A TRADITIONAL ROOT ACCOUNT
This is not recommended!
To enable the root account (i.e. set a password) use:
sudo passwd root
Afterwards, edit the sudo configuration with sudo visudo and comment out the line
%admin ALL=(ALL) ALL
to disable sudo access to members of the admin group.
SEE ALSO
sudo(8), https://wiki.ubuntu.com/RootSudo
February 8, 2006 sudo_root(8)