How does a regular user execute a command as an administrator?
Author: Deron Eriksson
Description: This tutorial demonstrates how a regular user can execute a command in Fedora as an administrator using the sudo command.
Tutorial created using: Fedora 12

The "sudo" command allows a regular user to execute a command as an administrator (or other user) in Fedora. The authorization to be able to run "sudo" is specified in the /etc/sudoers file. If you're familiar with the vi editor, you can type "visudo" to open up the /etc/sudoers file in a vi editor.

Technique #1

In /etc/sudoers, we can see a line specifying that root can run all commands. If we'd like to give this same ability to a regular user, we can add a similar line for that user, such as the user named "deron" in the example below.

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
deron   ALL=(ALL)       ALL

Technique #2

We can also do the same thing using groups rather than hardcoding the user name in the /etc/sudoers file. We can do this by uncommenting the wheel group, as shown below:

## Allows people in group wheel to run all commands
 %wheel ALL=(ALL)       ALL

After this, we can add the user "deron" to the wheel group via:

usermod -a -G wheel deron

After either of the modifications above, the user "deron" can now run a command as the root user. Running "fdisk -l" would attempt to run the fdisk command as the regular user. Running "sudo fdisk -l" runs the fdisk command as the root user. The user gets prompted for the user password when attempting to run the sudo command.

running sudo command

Normally, the user will not be prompted for a password for sudo commands run in a particular time interval after this. For added security, we can have the user prompted for a password each time that the user runs the sudo command. This can be done by setting the default timestamp timeout value to 0 in the Defaults section of /etc/sudoers, like this:

Defaults    timestamp_timeout = 0