sudo allows ordinary users to temporarily obtain privileges from another user, largely used for super user root privileges.
There are advantages and disadvantages to using sudo over su, for example sometimes we just need to perform a task quickly, like updating the system with a single command, like slackpkg update
e slackpkg upgrade-all
or simply opening a file that has write and read permission for root only, for example.
But that comes at a price, as sudo allows the user to have superpowers temporarily, anyone who knows the password of your regular user can have these super privileges.
That’s why it’s extremely important that you have a secure password for both root and your regular user, so you can use sudo with peace of mind. Unlike other distributions, Slackware comes by default with sudo disabled, and I’m going to show you how to enable it.
The first step is to create a group called “sudo”, for this simple task we can do it in two ways. You can add a new group simply using the command groupadd GROUPNAME
, but I will teach you how to do it manually for knowledge purposes.
The first step is to log in as root, for this use the su
command, and right after that we will open a configuration file for the groups that is located in /etc/group
, open it with your favorite editor:
$ su
# vim /etc/group
Let’s navigate to the last line of the group file and add a new line for sudo at the end of the file.
The new line must follow the same format as the others, that is:
groupname:x:ID:NOMEdoUSUARIO
You can use the following command to find out your user ID if you don’t know:
$ id -u
1000
In my case the id is 1000. Then add to the last line of the group file:
sudo:x:1000:YourUserName
Eg:
nobody:x:98:nobody
nogroup:x:99:
users:x:100:
console:x:101:
tor:x:220:
privoxy:x:206:
sudo:x:1000:patterson
Save and close.
Now we will need to edit the sudoers
file, for this, open the /etc/sudoers
file with your favorite editor.´
# vim /etc/sudoers
Locate the line # %sudo ALL=(ALL) ALL
, this line is commented out with the slash ‘#’ in front of %sudo
, we need to uncomment, remove the ‘#’ in front of %sudo
to take effect.
Commented sudo line:
## Uncomment to allow members of group sudo to execute any command
# %sudo ALL=(ALL) ALL
Uncommented sudo line:
## Uncomment to allow members of group sudo to execute any command
%sudo ALL=(ALL) ALL
Now save and close, now we need to do one last configuration which is very important. We know that common users have the UID 1000, and some commands are special for the superuser that contain the UID 0, when we run a command the system looks in the environment variable $PATH for the location of the command we asked for.
There are directories such as /sbin
that are accessible only with users of UID 0, an example is root itself. What happens if we try to run a command like slackpkg
for example that is inside the directory? It will fail.
So we need to add two new lines to our PATH. For this, as root user, we will open the profile file that is located in /etc/profile
and locate the line:
# Set the default system $PATH:
PATH=”/usr/local/bin:/usr/bin:/bin:/usr/games”
Note that there is an established pattern, directories have their field separated by ‘:’. At the end of /usr/games
we add the :/sbin:/usr/sbin
. Save and close.
# Set the default system $PATH:
PATH=”/usr/local/bin:/usr/bin:/bin:/usr/games:/sbin:/usr/sbin
Note that your regular user (UID 1000) is now able to execute the maintenance commands found in /sbin
and /usr/sbin
, whereas before these commands in these directories were not even ‘shown’ to a regular user. However, even now seeing these commands, we will need the superuser to continue.
Restart your system.
Try adding sudo
in front of the desired command(s). Try to read some file that requires superuser permission to be read, sudo cat somefile
. You now have sudo
working in Slackware, but don’t forget, “With great power comes great responsibility”.