Rudo
Description
Rudo "RustUser do" allows a system administrator to give certain users the ability to run some commands as root or another user while logging all commands and it's arguments.
Package
https://copr.fedorainfracloud.org/coprs/remilauzier/rudo/
Functionality
- You can give Rudo a command to execute like
rudo some-command with-args - You can invoke a shell with
rudo -sorrudo --shell - You can change the user to impersonate with
rudo -u some-userorrudo --user some-user - You can edit document with the editor specify in your environment variable with
rudo -e some-documentorrudo --edit some-document - You can log debug journal to Journald with
rudo -dorrudo --debug - You can start the user greeting with
rudo -gorrudo --greeting
Configuration
- The config file is in YAML and must be at
/etc/rudo.confor it will be create - Invalid file will be REMOVE and REPLACED with default
- You can change the user to impersonate
- You can change the group the user must be member to have authorization
- You can remove the password obligation at your own risk
- You can remove the greeting of the user
- You can decide which user is authorized to use Rudo
Problem
You need to change the owner of the binary to root for now to make it work
sudo chown root:rootsudo chmod 4755
License
GPLv2 or later
Warning
No guaranty of security for now