sudo-1.5.4: description + notes
The following test is excerpted from the official sudo site
Sudo - a utility to allow restricted root access
Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell. It's features include:
- The ability to restrict what commands a user may run on a per-host basis.
- Sudo does copious logging of each command, providing a clear audit trail of who did what. When used in tandem with syslogd, the system log daemon, sudo can log all commands to a central host (as well as on the local host). At CU, all admins use sudo in lieu of a root shell to take advantage of this logging.
- Sudo uses timestamp files to implement a "ticketing" system. When a user invokes sudo and enters their password, they are granted a ticket for 5 minutes (this timeout is configurable at compile-time). Each subsequent sudo command updates the ticket for another 5 minutes. This avoids the problem of leaving a root shell where others can physically get to your keyboard. There is also an easy way for a user to remove their ticket file, useful for placing in a .logout file.
- Sudo's configuration file, the sudoers file, is setup in such a way that the same sudoers file may be used on many machines. This allows for central administration while keeping the flexibility to define a user's privileges on a per-host basis. Please see the samples sudoers file below for a real-world example.
This distribution of sudo in configured to support shadow and normal password files. All executables are installed under
/usr/freeware/bin. Thesudoersconfiguration file is installed and expected to be found in/usr/freeware/etc.Security note: sudo is a setuid root program.
To auto-install this package, go back and click on the respective install icon.