How to Install and Enable sudo on FreeBSD 13

In this guide we will learn how to install and enable sudo in FreeBSD 13. FreeBSD is known for its robustness and for being another valid alternative for servers to Linux servers.

Unlike su, sudo authenticates users against their own password rather than that of the target user. Sudo allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. This allow the delegation of specific commands to specific users on specific hosts without sharing passwords among them.

Prerequisites

To follow along, ensure you have

  • Access FreeBSD Server
  • Root Access to the server

Table of Content

  1. What is Sudo
  2. Installing Sudo in FreeBSD 13
  3. Configuring sudo in FreeBSD 13
  4. How to list user’s privileges or check a specific command

1. What is Sudo

Sudo (su “do”) allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. It is a small application that allows the execution of commands with the security privileges of another user. Normally, this “other” user is root.

In a Linux or a FreeBSD server, there are normally different users. Each of them has defined roles and permits. For example, to install a package in FreeBSD it is necessary to do it with root user privileges. Then, not all users can do all things.

By FreeBSD security policy, this program is not installed and enabled for your regular user. We can install and enable the sudo program in our freebsd machine if we want. This is not recommended for a production server install.

2. Installing sudo in FreeBSD 13

Sudo is not installed by default on FreeBSD, but it is available from the official repositories. So first log in as root on FreeBSD.

$ su -
root@freebsd:~ #

After you have opened the terminal session as the root user, install sudo with the following command:

pkg install -y sudo

This is the output on my server

# pkg install -y sudo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	sudo: 1.9.8p2

Number of packages to be installed: 1

The process will require 7 MiB more space.
1 MiB to be downloaded.
[1/1] Fetching sudo-1.9.8p2.pkg: 100%    1 MiB   1.5MB/s    00:01
Checking integrity... done (0 conflicting)
[1/1] Installing sudo-1.9.8p2...
[1/1] Extracting sudo-1.9.8p2: 100%

3. Configuring sudo in FreeBSD 13

Once you have installed sudo, you need to add your user to the list of users who can run sudo.

We are going to use vim in this case, if you do not have it installed, use this command:

pkg install -y vim

The default configuration file is located at /usr/local/etc/sudoers. This file MUST be edited with the visudo command as root. Failure to use visudo may result in syntax or file permission errors that prevent sudo from running.

Then open the sudo editor using this command:

visudo

Now under the line:

root ALL=(ALL) ALL

Add this next line:

etowett ALL=(ALL) ALL

In this case, **

etowett** is my username. Replace it with yours. We are allowing the **etowett** user to run all admin tasks via sudo.

To allow members of group wheel to execute any command, also ensure this line is present:

%wheel ALL=(ALL) ALL

Save and close the file.

Save your changes close the editor by pressing escape and typing :wq.

Now you can log out as root and log in with your regular user.

The first time you run a command with sudo, such as updating the system, you will see something like this:

$ sudo pkg update

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Password:

Type your password and the command will be executed.

Remember that sudo opens a security hole. So normally it is not recommended to use it on a production servers. But still, it can be very useful to keep it in mind.

4. How to list user’s privileges or check a specific command

To see what commands you are allowed to run, type:

$ sudo -l
$ sudo -ll

Sample outputs:

$ sudo -ll
User etowett may run the following commands on freebsd:

Sudoers entry:
    RunAsUsers: ALL
    Commands:
	ALL

And that’s it, now you can install and use sudo in FreeBSD 13.

Conclusion

Sudo is a powerful utility that allows you to execute various commands as the root user to perform operations on our Unix-based systems. We learned how to install and enable sudo in our freebsd system in this guide.

comments powered by Disqus
Built with Hugo
Theme Stack designed by Jimmy