When using && and sudo on the first command, is the second command run as sudo too?

1

TL;DR: NO

The first command is

sudo some-command

The second command is

some-other-command

The command sudo takes the following command and executes it with elevated privileges. The &&, however, doesn't belong to a command and is interpreted by the shell, before executing the first command. It tells bash to first execute the first command, and on success the second one.

So the sudo doesn't know about the && some-other command. When the elevated process terminates, bash takes its return value, and then executes the other command, which again doesn't know of the first one.

This can be demonstrated easily:

$ sudo whoami && whoami root username

To reach what you want, you can start an elevated bash, and let it execute both commands:

$ sudo bash -c 'whoami && whoami' root root

So now, both commands are executed as root, as the whole process described above is executed in an elevated process, i.e. the bash session started with this command,...

0 0
2

The main two commandline possibilities are:

Use su and enter the root password when prompted. Put sudo in front of the command, and enter your password when prompted.

sudo (preferred when not running a graphical display)

This is the preferred method on most systems, including Ubuntu, Linux Mint, (arguably) Debian, and others. If you don't know a separate root password, use this method.

Sudo requires that you type your own password. (The purpose is to limit the damage if you leave your keyboard unattended and unlocked, and also to ensure that you really wish to run that command and it wasn't e.g. a typo.) It is often configured to not ask again for a few minutes so you can run several sudo commands in succession.

Example:

sudo service apache restart

If you need to run several commands as root, prefix each of them with sudo. Sometimes, it is more convenient to run an interactive shell as root. You can use sudo -i for that:

$ sudo -i # command 1...
0 0
3

New users to Linux (especially Ubuntu) quickly become aware of the Sudo command. Many users never use it for anything other than getting past "permission denied" messages—but Sudo does so much more.

About Sudo

A common misconception about Sudo is that it is used solely to provide root permissions to an ordinary user. In fact, the Sudo command allows you to run a command as any user, with the default generally being the root.

How To Grant User Sudo Permissions

Ubuntu users typically take the ability to run the Sudo command for granted. That's because, during installation, a default user is created, and the default user in Ubuntu is always set up with Sudo permissions. If you are using other distributions or have other users within Ubuntu, however, the user likely needs to be granted permissions to run the Sudo command.

Only a few people should have access to the Sudo command, and they should be system administrators. Users should be given only...

0 0
4

There are 1000 ways to run service network restart without doing sudo service network restart. Here is an example of what a naughty user might try:

$ echo "service network restart" > /tmp/hax $ chmod a+x /tmp/hax $ sudo /tmp/hax

If you provide users with the ALL command alias, and then try to create a blacklist, they will always be able to find a way around it. Blacklist bash, and they will use python. Blacklist python, and they will use Perl. Blacklist Perl, and they will use PHP. Nobody wants that!

If you really don't want someone to do something, you should do as Thomas says, and create a whitelist of things they are allowed to do.

An example of a small whitelist with an exclusion can be found near the bottom of man sudoers:

pete HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root The user pete is allowed to change anyone's password except for root on the HPPA machines. Note that this assumes passwd(1) does not take multiple user names on the...
0 0
5

Using sudo command, an user can execute root only commands.

In this article, let us review how to setup sudo environment along with some sudo command examples, tips, and tricks.

1. Set up sudo Environment in /etc/sudoers

You can provide sudo privilege to an individual user or a group by modifying /etc/sudoers.

sudo access to an user

To provide sudo access to an individual user, add the following line to the /etc/sudoers file.

sathiya ALL=(ALL) ALL

In the above example:

sathiya : name of user to be allowed to use sudo ALL : Allow sudo access from any terminal ( any machine ). (ALL) : Allow sudo command to be executed as any user. ALL : Allow all commands to be executed.

sudo access to a group

To provide sudo access to a group, add the following line to the /etc/sudoers file.

%programmers ALL=(ALL) ALL

In the above example:

programmers : name of group to be allowed to use sudo. Group name should...
0 0
6

Sudo Command Examples In Ubuntu 14.04

On this page you will learn how to use perhaps the most popular Ubuntu Linux Command ever, the one and only Sudo Command.

SUDO Command Examples

sudo, sudoedit – execute a command as another user

SYNOPSIS
sudo -h | -K | -k | -L | -l | -V | -v
sudo [-bEHPS] [-p prompt] [-u username|#uid] [VAR=value] {-i | -s | command}

sudoedit [-S] [-p prompt] [-u username|#uid] file …

DESCRIPTION
sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file. The real and effective uid and gid are set to match those of the target user as specified in the passwd file and the group vector is initialized based on the group file (unless the -P option was specified). If the invoking user is root or if the target user is the same as the invoking user, no password is required. Otherwise, sudo requires that users authenticate themselves with a password by...

0 0
7

About sudo

sudo ("superuser do", or "switch user do") allows a user with proper permissions to execute a command as another user, such as the superuser.

Description

sudo allows a permitted user to execute a command as another user, according to specifications in the /etc/sudoers file. The real and effective uid and gid of the issuing user are then set to match those of the target user account as specified in the passwd file.

By default, sudo requires that users authenticate themselves with a password. By default, this is the user's password, not the root password itself.

Once a user has been authenticated, a timestamp is recorded and the user may use sudo without a password for a short period of time (5 minutes, unless configured differently in sudoers). This timestamp can be renewed if the user issues sudo with the -v flag.

If a user not listed in sudoers tries to run a command using sudo, it is considered an unsuccessful attempt to...

0 0
8

Name

sudo, sudoedit - execute a command as another user

Synopsis

sudo -h | -K | -k | -V

sudo -v [-AknS] [-g group name | #gid] [-p prompt] [-u user name | #uid]

sudo -l[l] [-AknS] [-g group name | #gid] [-p prompt] [-U user name] [-u user name | #uid] [command]

sudo [-AbEHnPS] [-C fd] [-g group name | #gid] [-p prompt] [-r role] [-t type] [-u user name | #uid] [VAR=value] -i | -s [command]

sudoedit [-AnS] [-C fd] [-g group name | #gid] [-p prompt] [-u user name | #uid] file ...

Description

sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy.

sudo supports a plugin architecture for security policies and input/output logging. Third parties can develop and distribute their own policy and I/O logging plugins to work seamlessly with the sudo front end. The default security policy is sudoers, which is configured via the file /etc/sudoers, or via...

0 0
9

Question

I have a script called

foo.sh

in my home folder. When I navigate to this folder, and enter

./foo.sh

, I get

-bash: ./foo.sh: Permission denied

. When I use

sudo ./foo.sh

, I get

sudo: foo.sh: command not found

. Why does this happen and how I can fix it?

Answer

Permission denied

In order to run a script the file must have an executable permission bit set.

In order to fully understand Linux file permissions you can study the documentation for the chmod command. chmod, an abbreviation of change mode, is the command that is used to change the permission settings of a file.

To read the chmod documentation for your local system , run man chmod or info chmod from the command line. Once read and understood you should be able to understand the output of running ...

ls -l foo.sh

... which will list the READ, WRITE and EXECUTE permissions for the...

0 0
10

In this article, we’re going to discuss Sudo, one of the frequently used commands in Linux. Sudo command stands for “superuser do”, It requires users to authenticate their password several times and asks them for confirmation to execute the commands before checking the file.

Key Benefit of Using this Tip

To avoid the tiresome process of inserting a password every time when you are working in Linux, our simple guidance provides you a solution to bypass the process of entering the password every time. However, you will need to consider certain security issues and consequences for allowing Sudo command without a password.

Run Sudo Command without a Password

We need to take /etc/sudoers file backup by typing the following command –

$ sudo cp /etc/sudoers /root/sudoers.bak

Edit the /etc/sudoers file by typing the visudo command:

$ sudo visudo

The output should be like the below image:

Append/edit the line as follows in the /etc/sudoers...

0 0
11
sudoers

default sudo security policy plugin

The

sudoers

policy plugin determines a user's

sudo

privileges. It is the default

sudo

policy plugin. The policy is driven by the

/etc/sudoers

file or, optionally in LDAP. The policy format is described in detail in the

SUDOERS FILE FORMAT

section. For information on storing

sudoers

policy information in LDAP, please see

sudoers.ldap(5)

.

sudo

consults the

sudo.conf(5)

file to determine which policy and and I/O logging plugins to load. If no

sudo.conf(5)

file is present, or if it contains no

Plugin

lines,

sudoers

will be used for policy decisions and I/O logging. To explicitly configure

sudo.conf(5)

to use the

sudoers

plugin, the following configuration can be used.

Plugin sudoers_policy sudoers.so Plugin sudoers_io sudoers.so

Starting with

sudo

1.8.5, it is possible to specify optional arguments to the

...
0 0
12

sudo is a powerful command line tool that enables a “permitted user” to run a command as another user (the superuser by default), as defined by a security policy. On most if not all Linux systems, the security policy is driven by the /etc/sudoers file.

Read Also: 10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux

Therefore, to run a shell script or program as root, you need to use sudo command. However, sudo only recognizes and runs commands that exist in directories specified in the secure_path in the /etc/sudoers, unless a command is present in the secure_path, you’ll counter an error such as the one below.

This will happen even if the script exists in a directory in the PATH environmental variable, because when a user invokes sudo, PATH is replaced with secure_path.

$ echo $PATH $ ls -l $ sudo proconport.sh 80

Sudo Error While Running Script

In the above scenario, the directory /home/aaronkilik/bin is in the PATH environment variable...

0 0
13

If you use sudo to run commands as root, you've probably run into “permission denied” problems when only part of a pipeline or part of a command is running with root permissions.

This fails with “permission denied” because the file is writable only by root:

$ echo 12000 > /proc/sys/vm/dirty_writeback_centisecs

But, this fails too:

$ sudo echo 12000 > /proc/sys/vm/dirty_writeback_centisecs

Why? The /bin/echo program is running as root, because of sudo, but the shell that's redirecting echo's output to the root-only file is still running as you. Your current shell does the redirection before sudo starts.

The solution is to run the whole pipeline under sudo. There are a couple ways to do it, but I prefer:

echo "echo 12000 > /proc/sys/vm/dirty_writeback_centisecs" | sudo sh

That way, I can type everything before the pipe character, and see what I'm about to run as root, then press the up arrow and add the | sudo sh to do it for real. This is not a big...

0 0
14

---January 13, 2005

You mignt want to have a look at what "Tidy for FreeBSD" has done to the title of the page, though, 'cos it don't look too tidy, to me!

---January 28, 2005

My fault.. been doing a lot of cleaning up with tidy, but apparently a little too quick and didn't check the errors closely enough.

--TonyLawrence

Fri Mar 25 05:07:33 2005: 233 anonymous

I find this article to be very useful as i always used to think whether is the principle sudo possible and now it became possible ...:). It wud be better if the Security part regarding environmental variables part is more elaborated.... Anyway, thanks for the article as it was useful for me, beginner...

Tue Mar 29 02:39:07 2005: 241 anonymous

Is it possible to specify the list of commands that are not allowed.

Tue Mar 29 10:02:16 2005: 243 TonyLawrence


Yes, it's POSSIBLE to say "these are the commands that you can't run", but it's not a good idea...

0 0