GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SUDO(8) FreeBSD System Manager's Manual SUDO(8)

sudo, sudoedit
execute a command as another user

sudo -h | -K | -k | -V

sudo -v [
-AknS
] [
-a type
] [
-g group
] [
-h host
] [
-p prompt
] [
-u user
]

sudo -l [
-AknS
] [
-a type
] [
-g group
] [
-h host
] [
-p prompt
] [
-U user
] [
-u user
] [
command
]

sudo [
-AbEHnPS
] [
-a type
] [
-C num
] [
-c class
] [
-g group
] [
-h host
] [
-p prompt
] [
-r role
] [
-t type
] [
-T timeout
] [
-u user
] [
VAR=value
] [
-i | -s
] [
command
]

sudoedit [
-AknS
] [
-a type
] [
-C num
] [
-c class
] [
-g group
] [
-h host
] [
-p prompt
] [
-T timeout
] [
-u user
] file ...

sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. The invoking user's real (not effective) user ID is used to determine the user name with which to query the security policy.
sudo supports a plugin architecture for security policies and input/output logging. Third parties can develop and distribute their own policy and I/O logging plugins to work seamlessly with the sudo front end. The default security policy is sudoers, which is configured via the file /usr/local/etc/sudoers, or via LDAP. See the Plugins section for more information.
The security policy determines what privileges, if any, a user has to run sudo. The policy may require that users authenticate themselves with a password or another authentication mechanism. If authentication is required, sudo will exit if the user's password is not entered within a configurable time limit. This limit is policy-specific; the default password prompt timeout for the sudoers security policy is 5 minutes.
Security policies may support credential caching to allow the user to run sudo again for a period of time without requiring authentication. The sudoers policy caches credentials for 5 minutes, unless overridden in sudoers(5). By running sudo with the -v option, a user can update the cached credentials without running a command.
When invoked as sudoedit, the -e option (described below), is implied.
Security policies may log successful and failed attempts to use sudo. If an I/O plugin is configured, the running command's input and output may be logged as well.
The options are as follows:
, --askpass
Normally, if sudo requires a password, it will read it from the user's terminal. If the -A (askpass) option is specified, a (possibly graphical) helper program is executed to read the user's password and output the password to the standard output. If the SUDO_ASKPASS environment variable is set, it specifies the path to the helper program. Otherwise, if sudo.conf(5) contains a line specifying the askpass program, that value will be used. For example:
# Path to askpass helper program 
Path askpass /usr/X11R6/bin/ssh-askpass
    
If no askpass program is available, sudo will exit with an error.
October 27, 2018 Sudo 1.8.26

Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.