Hebron University
College: Information Technology
Department: Security and Protection of Computer Networks
OBJECTIVES
• Background
• Sudo Definition and Syntax.
• Benefits of Sudo.
• Su definition and Syntax.
• Benefits of Su Command.
• What is Visudo?
• How To Give a User Sudo Privileges?
• How To Create Aliases?
SUDOERS
1. Background
FUNDAMENTALS OF NETWORK
ADMINISTRATION
• What is the difference between privilege and
permission?
• Design principles for protection mechanism
requirement.
• Diagram a use case with Visual Paradigm
FUNDAMENTALS OF NETWORK
ADMINISTRATION
• A permission is a property of an object, such as a file. It says
which agents are permitted to use the object, and what they
are permitted to do (read it, modify it, etc.).
• A privilege is a property of an agent, such as a user. It lets the
agent do things that are not ordinarily allowed. For example,
there are privileges which allow an agent to access an object
that it does not have permission to access, and privileges
which allow an agent to perform maintenance functions such
as restart the computer.
PROTECTION MECHANISM
REQUIREMENT
• Least Privilege
• Should only have the rights necessary to complete your task.
• Default should be lack of access
• If access needed temporarily, then it should be rescinded right after
use
• Separation of Privilege
• Access to objects should depend on more than one condition being
satisfied
• Separation of duty
• Two person rule
• Isolation of Privilege
DIAGRAM A USE CASE WITH
VISUAL PARADIGM
SUDOERS
2. SUDO Command In Linux
SUDO COMMAND IN LINUX
• The sudo command:
an administrator can configure sudo to allow an
ordinary user to execute commands as a different user
(usually the superuser).
• Syntax:
sudo <command>
BENEFITS OF SUDO COMMAND IN
LINUX
• Running sudo gives you some benefits – so one hears:
• Using sudo records everything someone does as root.
• Using sudo prevents a user from running continually as
root, preventing errors.
• Using sudo prevents a user from having to know the root
password.
• Using sudo prevents a user from executing anything they
are not permitted to.
SU DEFINITION AND SYNTAX
• The su command:
The su command switches to the superuser, or root
user, when you execute it with no additional options.
• Syntax:
su <option>
BENEFITS OF SU COMMAND
• Running su gives you some benefits – so one hears:
• The root account's password may be required.
• Switch to any user account.
• Exit is required.
VISUDO COMMAND IN LINUX
• The visudo command:
opens a text editor like normal, but it validates the syntax of the file upon
saving. This prevents configuration errors from blocking sudo operations,
which may be your only way of obtaining root privileges.
Traditionally, visudo opens the /etc/sudoers file with the vi text editor. Ubuntu,
however, has configured visudo to use the nano text editor instead.
VISUDO COMMAND IN LINUX (CONT’D)
CHANGE TEXT EDITOR
• The command is:
• sudo update-alternatives --config editor
• The output is:
HOW TO GIVE A USER SUDO PRIVILEGES?
• The commands are:
• sudo usermod -aG sudo <username>
• sudo gpasswd -a <username> sudo
• sudo usermod -aG wheel <username>
• sudo gpasswd -a <username> wheel
HOW TO CREATE ALIASES?
• There are four kinds of aliases:
• User_Alias
• Runas_Alias
• Host_Alias
• Cmnd_Alias
• Each alias definition is of the form:
• Alias_Type NAME = item1, item2, ...
KINDS OF ALIASES
• User Aliases
User aliases are used to specify groups of users. You can specify
usernames, system groups (prefixed by a %) and netgroups (prefixed by
a +) as follows:
KINDS OF ALIASES (CONT’D)
• Runas Aliases
Runas aliases are almost the same as user aliases, but you are also allowed to
specify users by uid. This is helpful because usernames and groups are
matched as strings, so two users with the same uid but different
usernames will not be matched by entering a single username but can be
matched with a uid. For example:
KINDS OF ALIASES (CONT’D)
• Host Aliases:
A host alias is a list of hostnames, IP addresses, networks and netgroups
(prefixed with a +). If you do not specify a netmask with a network, the
netmask of the host's Ethernet interface(s) will be used when matching.
KINDS OF ALIASES (CONT’D)
• Command Aliases:
Command aliases are lists of commands and directories. You can use
this to specify a group of commands. If you specify a directory it will
include any file within that directory but not in any subdirectories.
USER SPECIFICATIONS
• User Specifications:
User Specifications are where the sudoers file sets who can run what as
who. It is the key part of the file and all the aliases have just been set up
for this very point.
• A user specification is in the format
• <user list> <host list> = <operator list> <tag list> <command list>
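The alias forms and the user-specification format above, worked through as an added example (not part of the original slides): a small Python parser for a simplified subset of sudoers syntax that expands aliases and flags grants that cut against least privilege. The sample entries, all names in them, and the helpers `parse`, `expand` and `audit` are constructed for illustration; a real file should still be checked with `visudo -c`.

```python
import re
# Constructed sample: user names, hosts and paths are illustrative only.
SAMPLE = """\
User_Alias  OPERATORS = joe, mike, %admin
Runas_Alias OP        = root, operator, #1001
Host_Alias  SERVERS   = 192.168.0.1, 192.168.0.2, server1
Cmnd_Alias  SHUTDOWN  = /sbin/shutdown, /sbin/reboot
OPERATORS SERVERS = (OP) NOPASSWD: SHUTDOWN
%sudo ALL = (ALL) ALL
"""
ALIAS_RE = re.compile(r"^(User|Runas|Host|Cmnd)_Alias\s+([A-Z][A-Z0-9_]*)\s*=\s*(.+)$")
RHS_RE = re.compile(r"^\s*(?:\(([^)]*)\))?\s*((?:[A-Z]+:\s*)*)(.+)$")

def split_list(text):
    return [item.strip() for item in text.split(",") if item.strip()]

def parse(text):
    """Return (aliases, specs) for a simplified subset of sudoers syntax."""
    aliases, specs = {}, []
    for line in map(str.strip, text.splitlines()):
        if m := ALIAS_RE.match(line):  # Alias_Type NAME = item1, item2, ...
            aliases[m.group(1), m.group(2)] = split_list(m.group(3))
        elif line and not line.startswith(("#", "@", "Defaults")):
            # <user list> <host list> = <operator list> <tag list> <command list>
            lhs, rhs = line.split("=", 1)
            users, hosts = re.sub(r"\s*,\s*", ",", lhs.strip()).split()
            runas, tags, cmds = RHS_RE.match(rhs).groups()
            specs.append({"users": split_list(users), "hosts": split_list(hosts),
                          "runas": split_list(runas or "root"), "cmds": split_list(cmds),
                          "tags": split_list(tags.replace(":", ","))})
    return aliases, specs

def expand(items, kind, aliases):
    """Replace alias names of one kind with their members (no cycle check)."""
    return [m for i in items for m in
            (expand(aliases[kind, i], kind, aliases) if (kind, i) in aliases else [i])]

def audit(text):
    """Flag user specifications that cut against least privilege."""
    aliases, specs = parse(text)
    findings = []
    for s in specs:
        who = expand(s["users"], "User", aliases)
        cmds = expand(s["cmds"], "Cmnd", aliases)
        if "ALL" in cmds:
            findings.append((who, "unrestricted command list (ALL)"))
        if "NOPASSWD" in s["tags"]:
            findings.append((who, "NOPASSWD: " + ", ".join(cmds)))
    return findings
```

Calling `audit(SAMPLE)` reports the NOPASSWD grant to the expanded OPERATORS members and the unrestricted `ALL` grant to `%sudo`.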
THE DEFAULT UBUNTU
SUDOERS FILE
REFERENCES
• Privilege and permission:
https://www.bayt.com/en/specialties/q/35375/what-is-the-difference-between-privilege-and-permission-in-computer-security/
• Protection mechanism:
http://www.cs.ucsb.edu/~kemm/courses/cs177/principles.pdf
• Diagram a use case with Visual Paradigm:
https://stackoverflow.com/questions/34951366/some-help-diagram-a-use-case-with-visual-paradigm/34951532#34951532
REFERENCES (CONT’D)
• Sudo Definition and Syntax:
http://wiki.lib.sun.ac.za/images/c/ca/TLCL-13.07.pdf
• What is Visudo?, How To Give a User Sudo Privileges?:
https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file-on-ubuntu-and-centos
• Alias:
https://help.ubuntu.com/community/Sudoers
• Benefits of Sudo Command in Linux:
https://administratosphere.wordpress.com/2009/04/14/sudo-bane-or-benefit/
REFERENCES (CONT’D)
• Benefits of Su Command:
https://www.howtogeek.com/111479/htg-explains-whats-the-difference-between-sudo-su/
