sudo -1 vs sudo (was Re: sudo cd... command not found?)

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Rusty Carruth via PLUG-discuss
Date:  
To: plug-discuss
CC: Rusty Carruth
Old-Topics: Re: sudo cd... command not found?
Subject: sudo -1 vs sudo (was Re: sudo cd... command not found?)
Answer:

man sudo

...

     -i, --login
                 Run the shell specified by the target user's password
database entry as a login shell.  This means that
                 login-specific resource files such as .profile,
.bash_profile or .login will be read by the shell.  If a
                 command is specified, it is passed to the shell for
execution via the shell's -c option.  If no command
                 is specified, an interactive shell is executed. sudo
attempts to change to that user's home directory
                 before running the shell.  The command is run with an
environment similar to the one a user would receive
                 at log in.  Note that most shells behave differently
when a command is specified as compared to an inter‐
                 active session; consult the shell's manual for
details.  The Command environment section in the
                 sudoers(5) manual documents how the -i option affects
the environment in which a command is run when the
                 sudoers policy is in use.

If you are using bash, 'man bash' has a section, 'INVOCATION', which starts:

INVOCATION
       A login shell is one whose first character of argument zero is a
-, or one started with the --login option.

       An interactive shell is one started without non-option arguments
(unless -s is specified) and without the -c option
       whose standard input and error are both connected to terminals
(as determined by isatty(3)), or  one  started  with
       the  -i  option.  PS1 is set and $- includes i if bash is
interactive, allowing a shell script or a startup file to
       test this state.

       The following paragraphs describe how bash executes its startup
files.  If any of the files  exist  but  cannot  be
       read,  bash reports an error.  Tildes are expanded in filenames
as described below under Tilde Expansion in the EX‐
       PANSION section.

I won't bore everyone with information they can get themselves from the
man page, but that's where all the details lie.  Yes, its kinda
complicated...



To answer your final question, type 'sudo id':

Sun Dec 25 13:24:13 RustyC ~/class $ sudo id
[sudo] password for rusty:
uid=0(root) gid=0(root) groups=0(root)
Sun Dec 25 13:24:18 RustyC ~/class $ sudo -i id
uid=0(root) gid=0(root) groups=0(root)
Sun Dec 25 13:24:21 RustyC ~/class $ id
uid=1000(rusty) gid=1000(rusty)
groups=1000(rusty),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),115(lpadmin),135(sambashare)
Sun Dec 25 13:24:29 RustyC ~/class $

So, the answer is: you get the elevated permissions by running as root
(in the case that you didn't specify a user to run as). (Under
non-SElinux I don't believe there is any other way to have different
permissions than by changing either the user you are running as, or by
changing the group you are in)

Now, the instant the sudo process exits, you are returned to your shell
'as you were' before the sudo command (back to your normal self).  So
perhaps that's where the confusion comes in?  The only process which
runs as root is the one started by the sudo.  If the process started by
the sudo is a shell, well then of course you're root until you type
exit, at which point you're back to being yourself.  (hopefully that
didn't muddy the waters too much.  Just think 'I'm root until the
process started by sudo exits' If that's a shell or emacs or some such
you're going to be root a while ;-) (probably)

On 12/22/22 15:21, Keith Smith via PLUG-discuss wrote:
> Thanks Dale,
>
> Worked!!  Thanks!!
>
> I noticed it made me the root user.
>
> What is the difference between sudo -i and sudo su?
>
> In my research it appears that both change to user to root along with
> changing the UID.  I've been using sudo -i to solver this issue for
> years while not fully understanding it.
>
> I assume sudo elevates the user's permissions however they stay that
> user and their UID does not change??
>
> Keith
>
>
> On 2022-12-21 21:47, Dale Farnsworth wrote:
>> [I sent this message yesterday, not sure why it didn't make the list.
>> Re-sending]
>>
>> sudo only runs commands found in $PATH.
>> cd is a built-in shell command, therefore sudo can't find it.
>> The fix is to do su or "sudo su" to get a root shell, and then in the
>> root shell do a cd to the restricted directory.
>>
>> Dale
>>
>> On Tue, Dec 20, 2022 at 6:27 PM Keith Smith via PLUG-discuss
>> <> wrote:
>>
>>> Hi,
>>>
>>> Not sure what is going on here:
>>>
>>> cd <path> results in message "-bash: cd: <path> : Permission
>>> denied".
>>>
>>> Then I add sudo : sudo  cd <path> results in message  : "sudo: cd:
>>> command not found".
>>>
>>> Any help is much appreciated!!
>>>
>>> Keith
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list:
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
> ---------------------------------------------------
> PLUG-discuss mailing list:
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list:
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss