Scribd
Upload
26 views2 pages

OSDC - Cheatsheet-Sudo-2022 4 27

Sudo allows a user to execute commands as the superuser or another user. It can be configured by editing the sudoers file using the visudo command. By default, members of the wheel group can run all commands as any user on any host. Options allow running commands as a specific user, in another shell or directory, or listing a user's sudo permissions. Environment variables control aspects like the editor used and setting user identity information when using sudo.

Uploaded by

HoracioDos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views2 pages

OSDC - Cheatsheet-Sudo-2022 4 27

Sudo allows a user to execute commands as the superuser or another user. It can be configured by editing the sudoers file using the visudo command. By default, members of the wheel group can run all commands as any user on any host. Options allow running commands as a specific user, in another shell or directory, or listing a user's sudo permissions. Environment variables control aspects like the editor used and setting user identity information when using sudo.

Uploaded by

HoracioDos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Sudo Cheat Sheet

Allow a user to execute a command as the superuser or some other user.

Configuration
sudo SUDO_EDITOR=nano visudo Open the sudoer config file in the nano editor
su -c visudo Use su when adding yourself to sudo

For the group wheel:


• ALL members of the group
%wheel ALL=(ALL:ALL) ALL • On ALL hosts
• As any (ALL) user
• ALL commands
tux ALL=(ALL) ALL User tux may run all commands on all hosts
Defaults secure_path="$PATH:/sbin" Set a new PATH variable during sudo usage
Defaults mail_badpass Email an admin at incorrect password entry
Defaults log_output

Defaults!/usr/bin/sudoreplay !log_output Enable logging of command output, except the


output of sudoreplay
Defaults!REBOOT !log_output

To keep most of the user's environment, set env_keep along with the variables you want to retain:
Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"

Seth Kenlon CC BY-SA 4.0 Opensource.com


Sudo Cheat Sheet

Options
When no username is provided to sudo, root is assumed
--user <name> -u Run as user <name> instead of root
--login -i Launch a login shell as user (like running su)
--shell -s Run the shell specified by user's environment
--remove-timestamp -K Force a password prompt the next time you use sudo
--reset-timestamp -k Invalidate (but do not remove) cached credentials
--list -l List your sudo permissions
--list <command> -l Provide full path of <command>
--chdir <dir> -D Run command in <dir> instead of your current directory
--chroot <dir> -R Change to a new root <dir> before running command
--host <name> -h Run command on the host <name>

Environment variables
SUDO_EDITOR, VISUAL, EDITOR Editor to use to edit sudoer file
HOME Set to home directory of target user
SUDO_PS1 Define the terminal prompt
SUDO_USER
SUDO_UID Identity information for user running sudo
SUDO_GID

LOGNAME, USER Identity information for target user

Seth Kenlon CC BY-SA 4.0 Opensource.com

You might also like