Admin... by accident!

You may have chosen to be an admin. I didn't!

  • Home
  • FreeBSD
  • GNU/Linux
  • Security
  • Network
  • Virtualization
  • Politics
  • Github
  • Donate
  • Me

How to install sudo in FreeBSD

April 25, 2017 by Albert Valbuena

Sudo is a very useful application. It allows a regular user to perform tasks only reserved to the root account. There is lots of documentation about sudo and there is even a book about it called “Sudo Mastery”. If you need to investigate deep on this, buy it.

Why do you need this? Well… Everyone who has had any contact with computers in the western world has used Microsoft Windows. Whatever the version. And many, many, way too many people is using the Administrator account badly. And Microsoft has done very little (almost nothing) to prevent this. This has changed with Windows 10. Thirty years later. Yeah… An Administrator account is the account to perform system maintenance, install software, and so on. If you want to surf the web, use a word processing program, a spreadsheet, a sophisticated draw program, etc you just need a regular user account.

The Administrator account is called root in the UNIX world. This account is the only one which can do anything in the system. Therefore if you gain access to this account you have all the rights and power on that machine. Now imagine you are surfing the web using your Firefox, Chrome, Safari, Edge or whatever you use for that. You go into a malicious website or one you know very well but has been attacked and has now become malicious. Some code from that website can infect yours through the web browser. If you happen to be running the Administrator (read root in the UNIX world) you are screwed. The infection may come through another method such as a virus in an USB stick someone lend you with a music file or anything you share. Since you are running your computer with the highest privileged user the virus will have plenty of room and privilege to scale up to the top and mess around with your machine. Some may install a keylogger so when you type your bank credentials they are recorded, stored and later send to the attacker. Some will just want to see through your webcam and you know… see you.

In the server realm running programs, utilities, etc as root all the time is bad and considered an insecure methodology. Sudo allows a less privileged user to act momentarily as if it were root. Mac OS X already blocks the root account so to perform any administrative task you will be prompted to put your password. Ubuntu Linux also does this by default.

Now we will install the sudo program in our FreeBSD server. As root type:

pkg install sudo

After installing it you have to configure it. To do so you have to type visudo at the terminal. A file will pop up. This is the configuration file for sudo. If you press the arrow down to see the rest of the file content you will arrive to a place where the following can be read. As you can see the root account can do everything. See the “alls”?.

##
## User privilege specification
##
root ALL=(ALL) ALL

## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL

For you being able to perform tasks as superuser and invoke the sudo command you have to edit this file. Just remove the # before %wheell ALL=(ALL) ALL, close the file by pressing :wq and log out and then log in. You can now become root by typing su or type sudo to have momentary root powers for certain tasks at specific times.

If you find the articles in Adminbyaccident.com useful to you, please consider making a donation.

Filed Under: How To's, Security

Recent Posts

  • The CentOS party is over, isn’t it?
  • Donation Time 2020
  • How to configure TLS 1.2 on UNIX or GNU/Linux
  • How to install the Clamav antivirus on CentOS 8
  • 100 articles mark at Adminbyaccident.com
  • How to analyze suspicious email
  • How to work with Nessus scan results
  • How to install Ansible on FreeBSD
  • How to secure the ELK stack on CentOS 8
  • How to mirror disks on FreeBSD’s ZFS
  • Nmap cheatsheet
  • Nessus vulnerability scanner
  • How to install the ELK stack on CentOS 8
  • How to install OSSEC agents on Windows
  • Exploiting CVE-2019-0708 Remote Desktop Protocol on Windows
  • Microsoft’s Patch Tuesday – April 2020
  • Web credentials stealing
  • ARP spoofing attacks
  • How to install OSSEC server on Ubuntu
  • How to upgrade MariaDB on FreeBSD

Archives

  • December 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • September 2018
  • June 2018
  • May 2018
  • April 2018
  • February 2018
  • January 2018
  • November 2017
  • April 2017

Copyright © 2021 · Magazine Pro Theme on Genesis Framework · WordPress · Log in