Side Gadgets

Linux Security 101 : "Sudo" user Authorization


ByPosted at
Share

 


The Sudoers:


The /etc/sudoers file dictates the users who can run commands masquerading as other users. It also says on which machines these commands could be run and whether the user need to authenticate with a password to issue certain commands. 


/etc/sudoers at the basic level:























Sudo through examples:



We make adjustments to the file /etc/sudoers as below:



John tries to run the command /usr/bin/ls as Tom again and this time, he is successful. 

Sudo and the password:


When Tom has been authenticated (#su Tom), he could use sudo command without a password for a period of 5 minutes.
To always require Tom to enter a password when using the sudo command we change the timeout to 0.

"/etc/sudoers" file:

In the /etc/sudoers file the timestamp_timeout value set to 0, Tom is required to type in the password when using sudo.







It makes sudo always prompt Tom for a password. 
Tom gets prompted for a password when using the sudo command (as you can see in red below)



                                                            



Post a Comment
Labels,
Random thoughts, and observations about our daily lives, to make us reflect about life in general.

Comments

Leave as a comment:

Archive