linux - How does sudo actually work?

07
2014-07
  • Lucas Phillips

    How is it possible for sudo to actually function? If it's just a normal program, couldn't you make the same thing without requiring the user to authenticate, giving anyone with access to a computer automatic root access? And how can it do things as root without root's password?

    • Answers
  • Hennes

    TL;DR: Sudo has a special flag


    Sudo has the set uid bit set as you can see here:

    ls -l `which sudo`
    -rwsr-xr-x 2 root root 127668 2013-02-27 21:41 /usr/bin/sudo

    Setting the suid bit for a file means what the program gets run with the effective uid or the suid-ed user. And in this this case user root has uid 0, granting it elevated permissions.


    • Related Question

    linux - CentOS, sudo Doesn't Accept root Password, but Logging in as root Works
  • nicorellius

    I am new to Linux and I have CentOS running on a dual boot system. I was trying to edit a file requiring root permissions, so I used sudo. I typed the root password and it failed. This happened three times, and the process was ended. I then logged in as root (su) and was able to navigate to the file and make changes as root. Am I missing something? How would I edit the sudoers file such that this password would work? Or is there another way to log in to the sudo group to make these changes? How do I set sudo passwords?


    • Related Answers
  • Marnix A. van Ammers

    Sudo expects you to type in your password, not the password of root. And your account needs to be in the sudoers file.