OpenSUSE install sudo to execute commands as root

ADVERTISEMENTS



How to install sudo command on OpenSUSE Linux

There is no sudo installed by default on my OpenSUSE Linux server. Other users and I need to use ‘su -‘ command to run commands as root. How do I install a sudo package on OpenSUSE Linux?One should not log in and use the root account for daily tasks either on the server or desktop. Managing a Linux system with sudo is safer and more accessible. Not to mention sudo log all commands and other information to /var/log/ directory. This page shows how to install sudo on OpenSUSE Linux when not installed by default.

The procedure is as follows:

Open the Terminal Window. For remote server login using the ssh command. Search sudo package using zypper search sudo Install sudo in OpenSUSE Linux, run: zypper in sudo Configure sudo and test it Disable direct root access via ssh and use the sudo for admin tasks

Let us see all commands and examples in details.

Step 1 – Search for package using zypper

Type the following zypper command:

# zypper search sudo

Sample outputs:

Loading repository data... Reading installed packages... S | Name | Summary | Type --+--------------------------+-------------------------------------+----------- | gnome-sudoku | Sudoku Game for GNOME | package | gnome-sudoku-lang | Translations for package gnome-su-> | package | ksudoku | Program to generate and solve Sud-> | package | ksudoku-lang | Translations for package ksudoku | package | lxqt-sudo | GUI frontend for sudo | package | lxqt-sudo-lang | Languages for package lxqt-sudo | package | openstack-suse-sudo | OpenStack SUSE - Sudo Support | package | sudo | Execute some commands as root | package | sudo | Execute some commands as root | srcpackage | sudo-devel | Header files needed for sudo plug-> | package | sudo-test | Tests for the package | package | sudoku-sensei | Enjoy playing with Sudoku boards -> | package | texlive-sudoku | Create sudoku grids | package | texlive-sudoku-doc | Documentation for texlive-sudoku | package | texlive-sudokubundle | A set of sudoku-related packages | package | texlive-sudokubundle-doc | Documentation for texlive-sudokub-> | package | yast2-sudo | YaST2 - sudo configuration | package Loading repository data... Reading installed packages... S | Name | Summary | Type --+--------------------------+-------------------------------------+----------- | gnome-sudoku | Sudoku Game for GNOME | package | gnome-sudoku-lang | Translations for package gnome-su-> | package | ksudoku | Program to generate and solve Sud-> | package | ksudoku-lang | Translations for package ksudoku | package | lxqt-sudo | GUI frontend for sudo | package | lxqt-sudo-lang | Languages for package lxqt-sudo | package | openstack-suse-sudo | OpenStack SUSE - Sudo Support | package | sudo | Execute some commands as root | package | sudo | Execute some commands as root | srcpackage | sudo-devel | Header files needed for sudo plug-> | package | sudo-test | Tests for the package | package | sudoku-sensei | Enjoy playing with Sudoku boards -> | package | texlive-sudoku | Create sudoku grids | package | texlive-sudoku-doc | Documentation for texlive-sudoku | package | texlive-sudokubundle | A set of sudoku-related packages | package | texlive-sudokubundle-doc | Documentation for texlive-sudokub-> | package | yast2-sudo | YaST2 - sudo configuration | package

Get information about the sudo package

Run the following zypper:

# zypper info sudo

Sample outputs:

Loading repository data... Reading installed packages... Information for package sudo: ----------------------------- Repository : openSUSE-Leap- 15.1 -Update Name : sudo Version : 1.8.22-lp151.5.3.1 Arch : x86_64 Vendor : openSUSE Installed Size : 2.7 MiB Installed : No Status : not installed Source package : sudo-1.8.22-lp151.5.3.1.src Summary : Execute some commands as root Description : Sudo is a command that allows users to execute some commands as root. The /etc/sudoers file ( edited with 'visudo' ) specifies which users have access to sudo and which commands they can run. Sudo logs all its activities to syslogd, so the system administrator can keep an eye on things. Sudo asks for the password for initializing a check period of a given time N ( where N is defined at installation and is set to 5 minutes by default ) . Loading repository data... Reading installed packages... Information for package sudo: ----------------------------- Repository : openSUSE-Leap-15.1-Update Name : sudo Version : 1.8.22-lp151.5.3.1 Arch : x86_64 Vendor : openSUSE Installed Size : 2.7 MiB Installed : No Status : not installed Source package : sudo-1.8.22-lp151.5.3.1.src Summary : Execute some commands as root Description : Sudo is a command that allows users to execute some commands as root. The /etc/sudoers file (edited with 'visudo') specifies which users have access to sudo and which commands they can run. Sudo logs all its activities to syslogd, so the system administrator can keep an eye on things. Sudo asks for the password for initializing a check period of a given time N (where N is defined at installation and is set to 5 minutes by default).

Step 2 – OpenSUSE install sudo using zypper

Now that you know how to search and lookup for sudo package, it is time to install the same:

# zypper in sudo



Step 3 – Configure sudo on OpenSUSE

Next, we need to enable sudo access for a user account, run:

# visudo

Make sure the following line exists:

#includedir /etc/sudoers.d

Next find and comment out the following two lines so that only users in wheel group can run sudo command:

#Defaults targetpw # ask for the password of the target user i.e. root

#ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!

Save and close the file.

Configuring sudo wheel group

Create a new config file as follows:

# visudo -f /etc/sudoers.d/wheel-users

Append the following config:

# Allow members of group wheel to execute any command %wheel ALL = ( ALL ) ALL # Allow members of group wheel to execute any command %wheel ALL=(ALL) ALL

Save and close the file by pressing ESC followed by :x .

How to set and user group access

First, add a new group named wheel using the groupadd command:

# groupadd wheel

Verify it with the help of grep command and /etc/group file:

# grep ^wheel /etc/group

Next, I am going to add existing user named ‘vivek’ to the wheel group as follows:

# usermod -aG wheel {username}

# usermod -aG wheel vivek

Verify with the id command:

id vivek



How to run applications or commands with root permissions

All members of the wheel group can run sudo command using the following syntax

sudo command

sudo command arg1 arg2

sudo ls -l /etc/shadow

sudo systemctl restart nginx.service

To gain root shell:

sudo -i



Disable ssh based root access (optional)

First, install ssh keys for vivek user in your remote/locate OpenSUSE Linux server using the ssh-copy-id command:

ssh-copy-id -i ~/.ssh/id_rsa.pub vivek@ln.opensuse

OR

ssh-copy-id -i ~/.ssh/id_ed25519.pub vivek@ln.opensuse

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/vivek/.ssh/id_ed25519.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'vivek@ln.opensuse'" and check to make sure that only the key(s) you wanted were added.

Verify that you can login and use sudo:

ssh vivek@ln.opensuse

sudo -i

Finally, on your OpenSUSE Linux edit the /etc/ssh/sshd_config, run:

# vi /etc/ssh/sshd_config

Update it as follows:

## disable all password login including root user login ##

ChallengeResponseAuthentication no

PasswordAuthentication no

PermitRootLogin no

UsePAM no

Restart or reload OpenSSHD service:

# systemctl restart sshd.service

For more info see:

Conclusion

You learned that instead of using the root user on OpenSUSE Linux, one could use the sudo command. To use sudo, we installed and configure sudo on the OpenSUSE Linux server. See sudo docs for more info.

Category List of Unix and Linux commands File Management cat Network Utilities dig • host • ip • nmap Package Manager apk • apt Processes Management bg • chroot • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time Searching grep • whereis • which User Information groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w