A few months ago, I read a very interesting article that contained some good information about a Linux feature that I wanted to learn more about. I won’t tell you the name of the article, what it was about, or even the web site on which I read it, but the article just made me shudder.
The reason I found this article so cringe-worthy is that it prefaced every command with the sudo
command. The issue I have with this is that the article is allegedly for sysadmins, and real sysadmins don’t use sudo
in front of every command they issue. To do so is a gross misuse of the sudo
command. I have written about this type of misuse in my book, “The Linux Philosophy for SysAdmins.” The following is an excerpt from Chapter 19 of that book.
In this article, we explore why and how the sudo
tool is being misused and how to bypass the configuration that forces one to use sudo
instead of working directly as root.
sudo or not sudo
Part of being a system administrator and using your favorite tools is to use the tools we have correctly and to have them available without any restrictions. In this case, I find that the sudo
command is used in a manner for which it was never intended. I have a particular dislike for how the sudo
facility is being used in some distributions, especially because it is employed to limit and restrict access by people doing the work of system administration to the tools they need to perform their duties.
“[SysAdmins] don’t use sudo.”
– Paul Venezia
Venezia explains in his InfoWorld article that sudo
is used as a crutch for sysadmins. He does not spend a lot of time defending this position or explaining it. He just states this as a fact. And I agree with him – for sysadmins. We don’t need the training wheels in order to do our jobs. In fact, they get in the way.
Some distros, such as Ubuntu, use the sudo
command in a manner that is intended to make the use of commands that require elevated (root) privileges a little more difficult. In these distros, it is not possible to login directly as the root user so the sudo
command is used to allow non-root users temporary access to root privileges. This is supposed to make the user a little more careful about issuing commands that need elevated privileges such as adding and deleting users, deleting files that don’t belong to them, installing new software, and generally all of the tasks that are required to administer a modern Linux host. Forcing sysadmins to use the sudo
command as a preface to other commands is supposed to make working with Linux safer.
Using sudo
in the manner it is by these distros is, in my opinion, a horrible and ineffective attempt to provide novice sysadmins with a false sense of security. It is completely ineffective at providing any level of protection. I can issue commands that are just as incorrect or damaging using sudo
as I can when not using it. The distros that use sudo
to anesthetize the sense of fear that we might issue an incorrect command are doing sysadmins a great disservice. There is no limit or restriction imposed by these distros on the commands that one might use with the sudo
facility. There is no attempt to actually limit the damage that might be done by actually protecting the system from the users and the possibility that they might do something harmful – nor should there be.
So let’s be clear about this—these distributions expect the user to perform all of the tasks of system administration. They lull the users—who are really System Administrators—into thinking that they are somehow protected from the effects of doing anything bad because they must take this restrictive extra step to enter their own password in order to run the commands.
Bypass sudo
Distributions that work like this usually lock the password for the root user (Ubuntu is one of these distros). This way no one can login as root and start working unencumbered. Let’s look at how this works and then how to bypass it.
Let me stipulate the setup here so that you can reproduce it if you wish. As an example, I installed Ubuntu 16.04 LTS1 in a VM using VirtualBox. During the installation, I created a non-root user, student, with a simple password for this experiment.
Login as the user student and open a terminal session. Let’s look at the entry for root in the /etc/shadow
file, which is where the encrypted passwords are stored.
student@machine1:~$ cat /etc/shadow
cat: /etc/shadow: Permission denied
Permission is denied so we cannot look at the /etc/shadow file
. This is common to all distributions so that non-privileged users cannot see and access the encrypted passwords. That access would make it possible to use common hacking tools to crack those passwords so it is insecure to allow that.
Now let’s try to su –
to root.
student@machine1:~$ su -
Password:
su: Authentication failure
This attempt to use the su
command to elevate our user to root privilege fails because the root account has no password and is locked out. Let’s use sudo
to look at the /etc/shadow
file.
student@machine1:~$ sudo cat /etc/shadow
[sudo] password for student: <enter the user password>
root:!:17595:0:99999:7:::
<snip>
student:$6$tUB/y2dt$A5ML1UEdcL4tsGMiq3KOwfMkbtk3WecMroKN/:17597:0:99999:7:::
<snip>
:
) and the second field is the password. Notice that the password field for root is a “bang,” known to the rest of the world as an exclamation point (!
). This indicates that the account is locked and that it cannot be used.
Now, all we need to do to use the root account as proper sysadmins is to set up a password for the root account.
student@machine1:~$ sudo su -
[sudo] password for student: <Enter password for student>
root@machine1:~# passwd root
Enter new UNIX password: <Enter new root password>
Retype new UNIX password: <Re-enter new root password>
passwd: password updated successfully
root@machine1:~#
su –
directly to root instead of having to use sudo
for each command. Of course, we could just use sudo su –
every time we want to login as root – but why bother?
Please do not misunderstand me. Distributions like Ubuntu and their up- and down-stream relatives are perfectly fine and I have used several of them over the years. When using Ubuntu and related distros, one of the first things I do is set a root password so that I can login directly as root.
Valid uses for sudo
The sudo
facility does have its uses. The real intent of sudo
is to enable the root user to delegate to one or two non-root users, access to one or two specific privileged commands that they need on a regular basis. The reasoning behind this is that of the lazy sysadmin; allowing the users access to a command or two that requires elevated privileges and that they use constantly, many times per day, saves the SysAdmin a lot of requests from the users and eliminates the wait time that the users would otherwise experience. But most non-root users should never have full root access, just to the few commands that they need.
I sometimes need non-root users to run programs that require root privileges. In cases like this, I set up one or two non-root users and authorize them to run that single command. The sudo
facility also keeps a log of the user ID of each user that uses it. This might enable me to track down who made an error. That’s all it does; it is not a magical protector.
The sudo
facility was never intended to be used as a gateway for commands issued by a sysadmin. It cannot check the validity of the command. It does not check to see if the user is doing something stupid. It does not make the system safe from users who have access to all of the commands on the system even if it is through a gateway that forces them to say “please” – That was never its intended purpose.
“Unix never says please.”
– Rob Pike
This quote about Unix is just as true about Linux as it is about Unix. We sysadmins login as root when we need to do work as root and we log out of our root sessions when we are done. Some days we stay logged in as root all day long but we always work as root when we need to. We never use sudo
because it forces us to type more than necessary in order to run the commands we need to do our jobs. Neither Unix nor Linux asks us if we really want to do something, that is, it does not say "Please verify that you want to do this."
Yes, I dislike the way some distros use the sudo
command. Next time I will explore some valid use cases for sudo
and how to configure it for these cases.
[ Want to test your sysadmin skills? Take a skills assessment today. ]
À propos de l'auteur
David Both is an open source software and GNU/Linux advocate, trainer,
writer, and speaker who lives in Raleigh, NC. He is a strong
proponent of and evangelist for the "Linux Philosophy."
David has been in the IT industry for over 50 years. He has taught RHCE
classes for Red Hat and has worked at MCI Worldcom, Cisco, and the State
of North Carolina. He has been working with Linux and open source
software for over 20 years.
David likes to purchase the components and build his own computers from
scratch to ensure that each new computer meets his exacting
specifications. His primary workstation is an ASUS TUF X299 motherboard
and an Intel i9 CPU with 16 cores (32 CPUs) and 64GB of RAM in a
CoolerMaster MasterFrame 700.
David has written articles for magazines including Linux Magazine and
Linux Journal. His article "Complete Kickstart," co-authored with a
colleague at Cisco, was ranked 9th in the Linux Magazine Top Ten Best
System Administration Articles list for 2008. David currently writes
prolifically for OpenSource.com and Enable Sysadmin.
David currently has five books published with Apress, "The Linux
Philosophy for SysAdmins," a self-study training course in three
volumes "Using and Administering Linux: Zero to SysAdmin," that was
released in late 2019, and "Linux for Small Business Owners" with
co-author Cyndi Bulka.
David can be reached at LinuxGeek46@both.org or on Twitter @LinuxGeek46.
Contenu similaire
Parcourir par canal
Automatisation
Les dernières nouveautés en matière d'automatisation informatique pour les technologies, les équipes et les environnements
Intelligence artificielle
Actualité sur les plateformes qui permettent aux clients d'exécuter des charges de travail d'IA sur tout type d'environnement
Cloud hybride ouvert
Découvrez comment créer un avenir flexible grâce au cloud hybride
Sécurité
Les dernières actualités sur la façon dont nous réduisons les risques dans tous les environnements et technologies
Edge computing
Actualité sur les plateformes qui simplifient les opérations en périphérie
Infrastructure
Les dernières nouveautés sur la plateforme Linux d'entreprise leader au monde
Applications
À l’intérieur de nos solutions aux défis d’application les plus difficiles
Programmes originaux
Histoires passionnantes de créateurs et de leaders de technologies d'entreprise
Produits
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Services cloud
- Voir tous les produits
Outils
- Formation et certification
- Mon compte
- Assistance client
- Ressources développeurs
- Rechercher un partenaire
- Red Hat Ecosystem Catalog
- Calculateur de valeur Red Hat
- Documentation
Essayer, acheter et vendre
Communication
- Contacter le service commercial
- Contactez notre service clientèle
- Contacter le service de formation
- Réseaux sociaux
À propos de Red Hat
Premier éditeur mondial de solutions Open Source pour les entreprises, nous fournissons des technologies Linux, cloud, de conteneurs et Kubernetes. Nous proposons des solutions stables qui aident les entreprises à jongler avec les divers environnements et plateformes, du cœur du datacenter à la périphérie du réseau.
Sélectionner une langue
Red Hat legal and privacy links
- À propos de Red Hat
- Carrières
- Événements
- Bureaux
- Contacter Red Hat
- Lire le blog Red Hat
- Diversité, équité et inclusion
- Cool Stuff Store
- Red Hat Summit