So, sudo program is part of the GNU suite. It is a small application that allows the execution of commands with the security privileges of another user. Normally, this “other” user is root.

Generally, Ubuntu-based distributions have sudo enabled. Although this is a security breach for many, it makes life much easier for newcomers.

On the other hand, the more server-oriented distributions like Debian, CentOS or RHEL do not even have it installed.

How to enable sudo on Debian 10?

However, sudo has a grace period. This is that after entering the password, there is a time when you can execute another command without entering the password again.

The previous situation implies a security breach. This has to be said. That’s why it’s possible to change that time to a shorter or a longer one.

Chaging the default sudo timeout

First, open a terminal session.

All sudo settings are stored in the /etc/sudoers file and need to be modified.

To do so, run the following command:

:~$ sudo nano /etc/sudoers

In this case I’m using a text editor called nano, but you can also use one with a graphical interface.

Once inside the file, you have to place the next line:

Defaults env_reset,timestamp_timeout=

However, in some Linux distributions that line does not exist, so you can add it at the end of the file and with the value in minutes you want. For example 1 for one minute.

In case you don’t want to be asked for the password anymore you can put the value one. Clearly this is not recommended at all.

Defaults env_reset,timestamp_timeout=1

Then save the changes and close the file.

And it’s done. Now after one minute, if you use another command with sudo, you will be asked for the password again.

Conclusion

Sudo is an unloved tool by many syadmin for being unsafe, but it is true that for a normal user of the system, it is a great advantage. Today you have learned how to modify the grace time it gives us without asking for the password.

Please share this post with your friends and join our Telegram channel.

The post How to change the default sudo timeout? appeared first on Linux Windows and android Tutorials.

What is sudo?

In a PC that runs some Linux distribution or FreeBSD, there are different users. Each of them has defined roles and permits. For example, to install a package in FreeBSD it is necessary to do it with root user privileges. Then, not all users can do all things.

The sudo program is part of the GNU suite. It is a small application that allows the execution of commands with the security privileges of another user. Normally, this “other” user is root.

By FreeBSD security policy, this program is not enabled for your regular user. And the truth is that if you use FreeBSD on your personal computer we can enable it and it would not be a problem. However, if you install FreeBSD to be used on a server, you should not do it.

In any case, sudo allows you to execute commands that your user can not. In addition, the commands that are applied with sudo are not registered in the system log.

Enabling sudo on FreeBSD 12

We already know that sudo is not installed by default on FreeBSD, but it is available from the official repositories. So first log in as root on FreeBSD.

After you have opened the terminal session as the root user, install sudo with the following command:

:~$ pkg install sudo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
	sudo: 1.8.31
Number of packages to be installed: 1
The process will require 3 MiB more space.
730 KiB to be downloaded.
Proceed with this action? [y/N]:

Once you have installed sudo, you need to add your user to the list of users who can run sudo.

To do this, first install the nano text editor which is easier to use than vi.

:~$ pkg install nano

And now we have to edit the sudo configuration file.

:~$ nano /usr/local/etc/sudoers

Now under the line:

root ALL=(ALL) ALL

Add the next line:

angelo ALL=(ALL) ALL

In this case, angelo is my username. Replace it with yours.

Save your changes with CTRL + O and close the editor with CTRL + X.

Now you can log out as root and log in with your regular user.

The first time you run a command with sudo, such as updating the system, you will see something like this:

Just enter your password and the command will be executed.

Remember that sudo opens a security hole. So normally it is not recommended to use it on servers. But still, it can be very useful to keep it in mind.

And that’s it, now you can use sudo in FreeBSD 12.

Conclusion

Many times we need to execute various commands as the root user to perform operations on our Unix-based systems. However, we do not always have access to the root user and thanks to sudo we can do it. On the other hand, sudo is not always enabled in production environments.

Now you know how to enable sudo in FreeBSD 12.

The post How to enable sudo on FreeBSD 12? appeared first on Linux Windows and android Tutorials.

Quickly and by way of introduction, I will tell you that sudo is a tool that allows you to execute commands as if you were another user. Usually the other user is the root user. That is to say with our regular user, we can execute commands as if we were root user.

This situation brings many advantages when facilitating usability in a home system, but is not widely used in business.

The detail is that a vulnerability has been discovered that grants permissions of root user to whom it should not.

Specifically we refer to a vulnerability identified with the number CVE-2019-14287 and has already been documented by Canonical under the number USN-4154-1.

In which Ubuntu versions is there a vulnerability in sudo?

For now, the vulnerability in sudo affects the following versions of Ubuntu:

• Ubuntu 19.04
• Ubuntu 18.04 LTS
• Also, Ubuntu 16.04 LTS
• Ubuntu 14.04 ESM
• Ubuntu 12.04 ESM

This at server level as well as desktop operating system level. Therefore, as Ubuntu is one of the most popular distributions, it is easy to deduce that many people are affected by the vulnerability.

On the other hand, also versions 17.x, 18.x and 19.x of Linux Mint has been affected. This is because Linux Mint uses Ubuntu’s base packages for the system.

What was the problem?

The /etc/sudoers file is where you find the configuration of which users may or may not use the sudo command.

However, the security breach discovered allowed any user to use commands as root. This was accomplished by modifying the file to circumvent the ban. That is, even when it was defined that a user could not execute sudo, modifying the sudoers file and setting user ID -1, this policy is circumvented.

On the other hand, it is worth mentioning that sudo is not enabled on many servers and there the consequences are less serious.

How can I solve the problem?

Fortunately, the vulnerability has been discovered and patched. Therefore, at this point it should already be available as an update through your preferred package manager.

For example, in the case of Ubuntu and Linux Mint is already available.

And so on the rest of the Linux distributions. Just upgrade. In case you do not have the new update, wait a little longer and it will surely be available.

Sudo has been compromised but there is already a solution. Upgrade now!

Also, you can learn how to enable on Debian and CentOS.

The post Discovered vulnerability in sudo. Upgrade your system now! appeared first on Linux Windows and android Tutorials.

Briefly, What is sudo?

Sudo is a small program or utility that is installed on Linux in order to allow commands to be executed with another user’s security privileges. Usually, this other user is the root user. This causes the regular user to temporarily become a super user.

For the same reason, there are sysadmin who do not like to use sudo, because if it is misused it can lead to a security breach. However, in the end, it is up to the users.

So, let us enable it.

Enabling sudo on CentOS 8

If during the installation of CentOS 8 you have decided not to create any user, then the first step is to create it.

Open a terminal or SSH session and execute the following command:

:~$ su
:~# adduser [username]

Remember to replace [username] with the username of your choice. Then, a password must be assigned.

:~# passwd [username]

Now that we have our user created we can continue. On the other hand, if you have already created the user, you can omit this part.

For the new user to have the sudo command available, it must first be installed. It is usually installed by default but better to be sure.

:~# dnf install sudo

There are now two ways for the new user to use sudo. The first way is to add this user to the wheel group. All members of the wheel group are authorized to use sudo.

If you decide this way, in the terminal use the following command:

:~# usermod -aG wheel [username]

Remember to replace [username] with the username you have chosen.

However, if you do not want your user to belong to the wheel group for any reason, then we will have another option. We can add the user to arcihvo sudoers and specify that they are authorized to use sudo.

To do this as root user open the file /etc/sudoers

:~# nano /etc/sudoers

Then, find this section:

Allow root to run any commands anywhere
root ALL=(ALL) ALL

And add the following:

[username] ALL=(ALL) ALL

Remember to change [username] to the new user’s username. Save the changes and close the file.

And that is it.

Conclusion

Sudo is a basic utility to run as super users without being one. This is a great advantage in desktop systems or even in certain circumstances on servers. Simply put, it is one of those things that is always good to have on hand.

On the other hand, if you want to learn how to enable sudo in Debian 10, you can do it with this post:

How to enable sudo on Debian 10 Buster?

Please share this post and join our Telegram channel.

The post How to enable sudo on CentOS 8? appeared first on Linux Windows and android Tutorials.

Introduction – What is sudo?

:~$ su

:~# apt install sudo

Sudo is quite light so the installation is quite fast.

Now you have to modify the file /etc/sudoers which is where all the sudo configuration is located. You can use the nano editor for this.

:~# nano /etc/sudoers

The file does not have too many lines. In the user privilege specification section, you will find a line like this.

root ALL=(ALL:ALL) ALL

Under it, add your user and leave the rest the same. Something like that.

your-user ALL=(ALL:ALL) ALL

Next, press CTRL + O to save the changes and CTRL +X to close it.

After that, you can use sudo.

So, share this post with your friends and join our Telegram Channel.

The post How to enable sudo on Debian 11/ 10? appeared first on Linux Windows and android Tutorials.