The security of a Linux system depends largely on the enforcement of
file access permissions. Access to a file is
granted or withheld by comparing the identity of the user making the
request against permissions associated with the file itself. Most system
configuration files and administration activities are accessible only to
the privileged system user. That user is commonly known as the
superuser or the root account, and are not
available to ordinary users.
This tutorial presents a technique for safely granting trusted users access to these programs and files where it would normally be denied. The system administrator can keep the root password concealed, yet still allow selected users to obtain privileged access.
Although sudo(8)[1] offers robust control for a networked environment, this
tutorial covers only local use. For more information, refer to http://www.sudo.ws/sudo,
the official web site.
[1] When writing about programs or system configuration files, it is customary to indicate which section of the on-line manual pages contain its documentation. For example, section one (1) documents applications, section two (2) documents system calls, and so on. Because sometimes the same name may be both a system call and a library function, knowing the manual page section is important. Compare the results of the following commands:
man 2 exitman 3 exit