sudo, sudoedit - execute a command as another user
S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
- s\bsu\bud\bdo\bo [-\b-n\bn] -\b-h\bh | -\b-K\bK | -\b-k\bk | -\b-L\bL | -\b-V\bV | -\b-v\bv
+ s\bsu\bud\bdo\bo -\b-h\bh | -\b-K\bK | -\b-k\bk | -\b-L\bL | -\b-V\bV
- s\bsu\bud\bdo\bo -\b-l\bl[\b[l\bl]\b] [-\b-A\bAn\bnS\bS] [-\b-g\bg _\bg_\br_\bo_\bu_\bp_\bn_\ba_\bm_\be|_\b#_\bg_\bi_\bd] [-\b-U\bU _\bu_\bs_\be_\br_\bn_\ba_\bm_\be] [-\b-u\bu _\bu_\bs_\be_\br_\bn_\ba_\bm_\be|_\b#_\bu_\bi_\bd]
- [_\bc_\bo_\bm_\bm_\ba_\bn_\bd]
+ s\bsu\bud\bdo\bo -\b-v\bv [-\b-A\bAk\bkn\bnS\bS] [-\b-a\ba _\ba_\bu_\bt_\bh_\b__\bt_\by_\bp_\be] [-\b-p\bp _\bp_\br_\bo_\bm_\bp_\bt]
+
+ s\bsu\bud\bdo\bo -\b-l\bl[\b[l\bl]\b] [-\b-A\bAk\bkn\bnS\bS] [-\b-a\ba _\ba_\bu_\bt_\bh_\b__\bt_\by_\bp_\be] [-\b-g\bg _\bg_\br_\bo_\bu_\bp_\bn_\ba_\bm_\be|_\b#_\bg_\bi_\bd] [-\b-p\bp _\bp_\br_\bo_\bm_\bp_\bt]
+ [-\b-U\bU _\bu_\bs_\be_\br_\bn_\ba_\bm_\be] [-\b-u\bu _\bu_\bs_\be_\br_\bn_\ba_\bm_\be|_\b#_\bu_\bi_\bd] [_\bc_\bo_\bm_\bm_\ba_\bn_\bd]
s\bsu\bud\bdo\bo [-\b-A\bAb\bbE\bEH\bHn\bnP\bPS\bS] [-\b-a\ba _\ba_\bu_\bt_\bh_\b__\bt_\by_\bp_\be] [-\b-C\bC _\bf_\bd] [-\b-c\bc _\bc_\bl_\ba_\bs_\bs|_\b-] [-\b-g\bg _\bg_\br_\bo_\bu_\bp_\bn_\ba_\bm_\be|_\b#_\bg_\bi_\bd]
[-\b-p\bp _\bp_\br_\bo_\bm_\bp_\bt] [-\b-u\bu _\bu_\bs_\be_\br_\bn_\ba_\bm_\be|_\b#_\bu_\bi_\bd] [V\bVA\bAR\bR=_\bv_\ba_\bl_\bu_\be] [-\b-i\bi | -\b-s\bs] [_\bc_\bo_\bm_\bm_\ba_\bn_\bd]
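Review bot: the main command form in the last two synopsis lines still reads `[-AbEHnPS]` without `k`, yet the new -k wording added later in this same patch says -k can be combined with a command (or with an option that may require a password) to make sudo ignore the timestamp file; the -v and -l forms were updated to `[-AknS]`, so the command form should gain `k` as well (`[-AbEHknPS]`), otherwise the synopsis contradicts the option description. Dropping `[-n]` from the first, standalone form is consistent, since -h, -K, -k, -L and -V never prompt for a password.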
the sudoers lookup is still done for root, not the user specified by
SUDO_USER.
- s\bsu\bud\bdo\bo can log both successful and unsuccessful attempts (as well as
- errors) to _\bs_\by_\bs_\bl_\bo_\bg(3), a log file, or both. By default s\bsu\bud\bdo\bo will log
-1.7.0 November 15, 2008 1
+1.7.2p6 March 3, 2010 1
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ s\bsu\bud\bdo\bo can log both successful and unsuccessful attempts (as well as
+ errors) to _\bs_\by_\bs_\bl_\bo_\bg(3), a log file, or both. By default s\bsu\bud\bdo\bo will log
via _\bs_\by_\bs_\bl_\bo_\bg(3) but this is changeable at configure time or via the
_\bs_\bu_\bd_\bo_\be_\br_\bs file.
-A Normally, if s\bsu\bud\bdo\bo requires a password, it will read it from
the current terminal. If the -\b-A\bA (_\ba_\bs_\bk_\bp_\ba_\bs_\bs) option is
- specified, a helper program is executed to read the user's
- password and output the password to the standard output.
- If the SUDO_ASKPASS environment variable is set, it
- specifies the path to the helper program. Otherwise, the
- value specified by the _\ba_\bs_\bk_\bp_\ba_\bs_\bs option in _\bs_\bu_\bd_\bo_\be_\br_\bs(4) is
- used.
+ specified, a (possibly graphical) helper program is
+ executed to read the user's password and output the
+ password to the standard output. If the SUDO_ASKPASS
+ environment variable is set, it specifies the path to the
+ helper program. Otherwise, the value specified by the
+ _\ba_\bs_\bk_\bp_\ba_\bs_\bs option in _\bs_\bu_\bd_\bo_\be_\br_\bs(4) is used.
-a _\bt_\by_\bp_\be The -\b-a\ba (_\ba_\bu_\bt_\bh_\be_\bn_\bt_\bi_\bc_\ba_\bt_\bi_\bo_\bn _\bt_\by_\bp_\be) option causes s\bsu\bud\bdo\bo to use the
specified authentication type when validating the user, as
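Review bot: the reworded -A paragraph says where the helper path comes from but not under which user ID the helper is executed; since SUDO_ASKPASS is set by the invoking user and names an arbitrary program, a reader cannot tell from this text whether a user-controlled path is being launched with elevated privileges, and the paragraph should say so explicitly. It would also help to state whether the password the helper writes to standard output must be newline-terminated, as the -S text in this same patch now does for standard input.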
either the matching command has the SETENV tag or the
_\bs_\be_\bt_\be_\bn_\bv option is set in _\bs_\bu_\bd_\bo_\be_\br_\bs(4).
- -e The -\b-e\be (_\be_\bd_\bi_\bt) option indicates that, instead of running a
-
-1.7.0 November 15, 2008 2
+1.7.2p6 March 3, 2010 2
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ -e The -\b-e\be (_\be_\bd_\bi_\bt) option indicates that, instead of running a
command, the user wishes to edit one or more files. In
lieu of a command, the string "sudoedit" is used when
consulting the _\bs_\bu_\bd_\bo_\be_\br_\bs file. If the user is authorized by
execution. Otherwise, an interactive shell is executed.
s\bsu\bud\bdo\bo attempts to change to that user's home directory
before running the shell. It also initializes the
- environment, leaving _\bD_\bI_\bS_\bP_\bL_\bA_\bY and _\bT_\bE_\bR_\bM unchanged, setting
-1.7.0 November 15, 2008 3
+1.7.2p6 March 3, 2010 3
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ environment, leaving _\bD_\bI_\bS_\bP_\bL_\bA_\bY and _\bT_\bE_\bR_\bM unchanged, setting
_\bH_\bO_\bM_\bE, _\bS_\bH_\bE_\bL_\bL, _\bU_\bS_\bE_\bR, _\bL_\bO_\bG_\bN_\bA_\bM_\bE, and _\bP_\bA_\bT_\bH, as well as the
contents of _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt on Linux and AIX systems. All
other environment variables are removed.
-K The -\b-K\bK (sure _\bk_\bi_\bl_\bl) option is like -\b-k\bk except that it removes
- the user's timestamp entirely. Like -\b-k\bk, this option does
- not require a password.
-
- -k The -\b-k\bk (_\bk_\bi_\bl_\bl) option to s\bsu\bud\bdo\bo invalidates the user's
- timestamp by setting the time on it to the Epoch. The next
- time s\bsu\bud\bdo\bo is run a password will be required. This option
- does not require a password and was added to allow a user
- to revoke s\bsu\bud\bdo\bo permissions from a .logout file.
+ the user's timestamp entirely and may not be used in
+ conjunction with a command or other option. This option
+ does not require a password.
+
+ -k When used by itself, the -\b-k\bk (_\bk_\bi_\bl_\bl) option to s\bsu\bud\bdo\bo
+ invalidates the user's timestamp by setting the time on it
+ to the Epoch. The next time s\bsu\bud\bdo\bo is run a password will be
+ required. This option does not require a password and was
+ added to allow a user to revoke s\bsu\bud\bdo\bo permissions from a
+ .logout file.
+
+ When used in conjunction with a command or an option that
+ may require a password, the -\b-k\bk option will cause s\bsu\bud\bdo\bo to
+ ignore the user's timestamp file. As a result, s\bsu\bud\bdo\bo will
+ prompt for a password (if one is required by _\bs_\bu_\bd_\bo_\be_\br_\bs) and
+ will not update the user's timestamp file.
-L The -\b-L\bL (_\bl_\bi_\bs_\bt defaults) option will list out the parameters
that may be set in a _\bD_\be_\bf_\ba_\bu_\bl_\bt_\bs line along with a short
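Review bot: the new combined-use paragraph for -k should say explicitly what happens to an existing timestamp. As written, `sudo -k command` ignores the timestamp file and does not update it, which means a still-valid timestamp is left in place and keeps working for the next plain sudo invocation; a reader who expects `sudo -k command` to also revoke the cached credentials, as `sudo -k` by itself does, will be surprised. Suggest adding a sentence such as "The existing timestamp file, if any, is left untouched; use -k by itself to invalidate it." The added -K restriction "may not be used in conjunction with a command or other option" now matches the first synopsis form, which is good.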
password prompt and use a custom one. The following
percent (`%') escapes are supported:
- %H expanded to the local hostname including the domain
- name (on if the machine's hostname is fully qualified
- or the _\bf_\bq_\bd_\bn _\bs_\bu_\bd_\bo_\be_\br_\bs option is set)
- %h expanded to the local hostname without the domain name
-
- %p expanded to the user whose password is being asked for
- (respects the _\br_\bo_\bo_\bt_\bp_\bw, _\bt_\ba_\br_\bg_\be_\bt_\bp_\bw and _\br_\bu_\bn_\ba_\bs_\bp_\bw flags in
+1.7.2p6 March 3, 2010 4
-1.7.0 November 15, 2008 4
+SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
-SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ %H expanded to the local hostname including the domain
+ name (on if the machine's hostname is fully qualified
+ or the _\bf_\bq_\bd_\bn _\bs_\bu_\bd_\bo_\be_\br_\bs option is set)
+ %h expanded to the local hostname without the domain name
+ %p expanded to the user whose password is being asked for
+ (respects the _\br_\bo_\bo_\bt_\bp_\bw, _\bt_\ba_\br_\bg_\be_\bt_\bp_\bw and _\br_\bu_\bn_\ba_\bs_\bp_\bw flags in
_\bs_\bu_\bd_\bo_\be_\br_\bs)
%U expanded to the login name of the user the command will
the _\bp_\ba_\bs_\bs_\bp_\br_\bo_\bm_\bp_\bt_\b__\bo_\bv_\be_\br_\br_\bi_\bd_\be flag is disabled in _\bs_\bu_\bd_\bo_\be_\br_\bs.
-S The -\b-S\bS (_\bs_\bt_\bd_\bi_\bn) option causes s\bsu\bud\bdo\bo to read the password from
- the standard input instead of the terminal device.
+ the standard input instead of the terminal device. The
+ password must be followed by a newline character.
-s [command]
The -\b-s\bs (_\bs_\bh_\be_\bl_\bl) option runs the shell specified by the _\bS_\bH_\bE_\bL_\bL
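Review bot: the added "must be followed by a newline character" sentence fixes a real ambiguity, but the -S paragraph should also carry the caveat a reader of this option needs: whatever writes the password to sudo's standard input (an echo in a script, a here-string, a wrapper argument) leaves the password in shell history or in the script file. Consider pointing readers at -A for non-interactive use, since the askpass helper path described above does not require the password to appear anywhere on a command line.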
-v If given the -\b-v\bv (_\bv_\ba_\bl_\bi_\bd_\ba_\bt_\be) option, s\bsu\bud\bdo\bo will update the
user's timestamp, prompting for the user's password if
- necessary. This extends the s\bsu\bud\bdo\bo timeout for another 5
- minutes (or whatever the timeout is set to in _\bs_\bu_\bd_\bo_\be_\br_\bs) but
- does not run a command.
- -- The -\b--\b- option indicates that s\bsu\bud\bdo\bo should stop processing
- command line arguments. It is most useful in conjunction
- with the -\b-s\bs option.
- Environment variables to be set for the command may also be passed on
+1.7.2p6 March 3, 2010 5
-1.7.0 November 15, 2008 5
+SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
-SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ necessary. This extends the s\bsu\bud\bdo\bo timeout for another 5
+ minutes (or whatever the timeout is set to in _\bs_\bu_\bd_\bo_\be_\br_\bs) but
+ does not run a command.
+ -- The -\b--\b- option indicates that s\bsu\bud\bdo\bo should stop processing
+ command line arguments. It is most useful in conjunction
+ with the -\b-s\bs option.
+ Environment variables to be set for the command may also be passed on
the command line in the form of V\bVA\bAR\bR=_\bv_\ba_\bl_\bu_\be, e.g.
L\bLD\bD_\b_L\bLI\bIB\bBR\bRA\bAR\bRY\bY_\b_P\bPA\bAT\bTH\bH=_\b/_\bu_\bs_\br_\b/_\bl_\bo_\bc_\ba_\bl_\b/_\bp_\bk_\bg_\b/_\bl_\bi_\bb. Variables passed on the command
line are subject to the same restrictions as normal environment
environment variables that s\bsu\bud\bdo\bo allows or denies is contained in the
output of sudo -V when run as root.
- Note that the dynamic linker on most operating systems will remove
- variables that can control dynamic linking from the environment of
- setuid executables, including s\bsu\bud\bdo\bo. Depending on the operating system
- this may include _RLD*, DYLD_*, LD_*, LDR_*, LIBPATH, SHLIB_PATH, and
- others. These type of variables are removed from the environment
- before s\bsu\bud\bdo\bo even begins execution and, as such, it is not possible for
- s\bsu\bud\bdo\bo to preserve them.
-
- To prevent command spoofing, s\bsu\bud\bdo\bo checks "." and "" (both denoting
-1.7.0 November 15, 2008 6
+1.7.2p6 March 3, 2010 6
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ Note that the dynamic linker on most operating systems will remove
+ variables that can control dynamic linking from the environment of
+ setuid executables, including s\bsu\bud\bdo\bo. Depending on the operating system
+ this may include _RLD*, DYLD_*, LD_*, LDR_*, LIBPATH, SHLIB_PATH, and
+ others. These type of variables are removed from the environment
+ before s\bsu\bud\bdo\bo even begins execution and, as such, it is not possible for
+ s\bsu\bud\bdo\bo to preserve them.
+
+ To prevent command spoofing, s\bsu\bud\bdo\bo checks "." and "" (both denoting
current directory) last when searching for a command in the user's PATH
(if one or both are in the PATH). Note, however, that the actual PATH
environment variable is _\bn_\bo_\bt modified and is passed unchanged to the
HOME In -\b-s\bs or -\b-H\bH mode (or if sudo was configured with the
--enable-shell-sets-home option), set to homedir of the
- target user
- PATH Set to a sane value if the _\bs_\be_\bc_\bu_\br_\be_\b__\bp_\ba_\bt_\bh sudoers option
- is set.
- SHELL Used to determine shell to run with -s option
- SUDO_ASKPASS Specifies the path to a helper program used to read the
- password if no terminal is available or if the -A
+1.7.2p6 March 3, 2010 7
-1.7.0 November 15, 2008 7
+SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ target user
-SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ PATH Set to a sane value if the _\bs_\be_\bc_\bu_\br_\be_\b__\bp_\ba_\bt_\bh sudoers option
+ is set.
+ SHELL Used to determine shell to run with -s option
+ SUDO_ASKPASS Specifies the path to a helper program used to read the
+ password if no terminal is available or if the -A
option is specified.
SUDO_COMMAND Set to the command run by sudo
$ sudo ls /usr/local/protected
- To list the home directory of user yazza on a machine where the file
- system holding ~yazza is not exported as root:
+ To list the home directory of user yaz on a machine where the file
+ system holding ~yaz is not exported as root:
- $ sudo -u yazza ls ~yazza
+ $ sudo -u yaz ls ~yaz
To edit the _\bi_\bn_\bd_\be_\bx_\b._\bh_\bt_\bm_\bl file as user www:
- $ sudo -u www vi ~www/htdocs/index.html
- To shutdown a machine:
- $ sudo shutdown -r +15 "quick reboot"
- To make a usage listing of the directories in the /home partition.
- Note that this runs the commands in a sub-shell to make the cd and file
- redirection work.
+1.7.2p6 March 3, 2010 8
-1.7.0 November 15, 2008 8
+SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ $ sudo -u www vi ~www/htdocs/index.html
-SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ To view system logs only accessible to root and users in the adm group:
+
+ $ sudo -g adm view /var/log/syslog
+ To run an editor as jim with a different primary group:
+
+ $ sudo -u jim -g audio vi ~jim/sound.txt
+
+ To shutdown a machine:
+
+ $ sudo shutdown -r +15 "quick reboot"
+
+ To make a usage listing of the directories in the /home partition.
+ Note that this runs the commands in a sub-shell to make the cd and file
+ redirection work.
$ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
Running shell scripts via s\bsu\bud\bdo\bo can expose the same kernel bugs that
make setuid shell scripts unsafe on some operating systems (if your OS
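Review bot: the two new -g examples would be clearer if the first lead-in said that -g without -u leaves the user ID as the invoking user's and changes only the primary group; that is the whole point of `sudo -g adm view /var/log/syslog` (read a group-protected log without becoming root) and it is not stated anywhere near the example, so readers may assume the command still runs as root. The second example does combine -u and -g, so a one-clause contrast between the two would cover both. The rename of yazza to yaz is cosmetic and fine.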
+
+
+
+1.7.2p6 March 3, 2010 9
+
+
+
+
+
+SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+
+
has a /dev/fd/ directory, setuid shell scripts are generally safe).
B\bBU\bUG\bGS\bS
-1.7.0 November 15, 2008 9
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+1.7.2p6 March 3, 2010 10
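Review bot: nearly every hunk in this patch is pagination movement (the 1.7.0 footer becoming 1.7.2p6 / March 3, 2010, paragraphs shifting across page breaks), and these last hunks are roughly forty blank added lines plus the overstrike bold and underline sequences from the formatted output; the substantive wording changes (synopsis, -A, -K/-k, -S, the -g examples) are hard to find among them. Diffing the roff source instead, or piping both renderings through `col -b` to strip the backspace overstrikes before diffing, would leave a patch that shows only the text changes.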