
SUDO Introduction / Examples:

To run a program through sudo, an entry needs to be added to the /etc/sudoers file (edit it with visudo, which checks the syntax before saving).
In its simplest form the entry has the format:

    Username-who-is-going-to-sudo    FQDN-of-machine    = /full/path/to/

e.g. to allow the user mcdonaja to use the /sbin/shutdown program, the /etc/sudoers entry would be:

    mcdonaja = /sbin/shutdown

When user mcdonaja calls the program /sbin/shutdown through sudo, sudo will ask them for the password of their own account.

To stop sudo asking mcdonaja for his password (useful when scripting), the NOPASSWD attribute can be added.

    mcdonaja = NOPASSWD: /sbin/shutdown

By default sudo presumes that you want to run the program as root; it is, however, possible to sudo to another user.
An example /etc/sudoers entry to run the program /path/to/ as user 'wilsondo' is:

    mcdonaja = (wilsondo) /path/to/

This can of course be combined with the NOPASSWD attribute, e.g.

    mcdonaja = (wilsondo) NOPASSWD: /path/to/

Multiple programs can be specified on one line (with or without NOPASSWD/another user) like this:

    mcdonaja = (mcdonapa) /path/to/, (wilsondo) NOPASSWD: /path/to/,


Currently /etc/sudoers contains direct paths to the various scripts which need to be run through sudo.
Because of this, when executing a script from another script as sudo user X you should NOT do it in the fashion of:

    sudo -u USERTOSUDO sh /path/to/

Doing so tries to sudo the program 'sh' rather than the script, which results in an error stating that the user is not allowed to sudo.
This method can be made to work by adding /bin/sh to the /etc/sudoers file, although this defeats the object, since the user could then run any command through sh as that user.

The correct (current) way to launch a script is simply with:

    sudo -u USERTOSUDO /path/to/

Also note that scripts should be chmodded to 750 (rwxr-x---).
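
The sketch below is an added example, not part of the original article: a simplified Python model of how sudo reads a multi-command entry and why `sudo -u USERTOSUDO sh /path/to/` is refused while the direct call is accepted. The host `ALL`, the `/opt/scripts/...` paths and the function names are assumptions; it handles only the plain entry format shown above (no aliases, one run-as user per parenthesis, no escaped commas).

```python
import re

# Constructed sample entry: host "ALL" and the /opt/scripts paths are assumptions.
SAMPLE = ("mcdonaja ALL = (mcdonapa) /opt/scripts/report.sh, "
          "(wilsondo) NOPASSWD: /opt/scripts/backup.sh, /opt/scripts/rotate.sh")
SHELLS = {"/bin/sh", "/bin/bash", "/usr/bin/sh", "/usr/bin/bash"}
ENTRY = re.compile(r"^(\S+)\s+(\S+)\s*=\s*(.+)$")
ITEM = re.compile(r"^(?:\(([^)]*)\)\s*)?((?:(?:NO)?PASSWD:\s*)*)(\S.*)$")

def parse_entry(line):
    """Split 'user host = cmd, cmd' into one rule per command."""
    m = ENTRY.match(line.strip())
    if not m:
        raise ValueError("not a 'user host = commands' entry: %r" % line)
    user, host, cmd_list = m.groups()
    rules, runas, nopasswd = [], "root", False      # sudo's defaults
    for item in cmd_list.split(","):
        m = ITEM.match(item.strip())
        if not m:
            continue                                 # skip empty items
        if m.group(1):
            runas = m.group(1).strip()               # (user) carries to later commands
        for no in re.findall(r"(NO)?PASSWD:", m.group(2)):
            nopasswd = bool(no)                      # tags carry over the same way
        rules.append({"user": user, "host": host, "runas": runas,
                      "nopasswd": nopasswd, "command": m.group(3).strip()})
    return rules

def find_rule(rules, user, runas, argv):
    """Return the rule covering this invocation, or None.
    sudo checks the program it is asked to run (argv[0]), not the script
    handed to an interpreter as an argument."""
    for r in rules:
        if (r["user"], r["runas"]) == (user, runas) and r["command"].split()[0] == argv[0]:
            return r
    return None

def shell_grants(rules):
    """Rules that permit a shell, i.e. any command as the run-as user."""
    return [r for r in rules if r["command"].split()[0] in SHELLS]

if __name__ == "__main__":
    rules = parse_entry(SAMPLE)
    for r in rules:
        print(r["runas"], "NOPASSWD" if r["nopasswd"] else "PASSWD", r["command"])
    print(find_rule(rules, "mcdonaja", "wilsondo", ["/bin/sh", "/opt/scripts/backup.sh"]))
    print(find_rule(rules, "mcdonaja", "wilsondo", ["/opt/scripts/backup.sh"]))
```

Note that the third command in the sample inherits both `(wilsondo)` and `NOPASSWD:` from the command before it, which is easy to miss when reviewing a long entry.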

© 2006-2007