I have some problems understanding sudo
. I am logged in on a terminal as an non-admin/non-root user. This "normal" user is not in the sudoers file (and shouldnt be, in my opinion).
Now I try to execute a command that needs admin/root privileges and also access to directories of my normal user – therefore I am not able
to simply su
into an admin or root user.
In my understanding sudo -u root
should do the trick – however
it doesn't accept the password for root
(or admin if I try with my normal
admin user). It only accepts the password of the "normal" user which seems
to indicate that the -u username
option doesn't work the way I expect it to
work.
My expectation is that sudo -u root some_command
executes some_command
with the privileges of root and therefore it asks also for the password of root.
Obviously not.
TL;DR: How do I execute any command that requires admin
privileges AND has access to the files of the "logged in (normal) user" without
adding the normal user to the sudoers file?
I have enabled the root user under Mac OS X 10.7.
Best Answer
sudo
always requires the executing user's password (and requires that you have specific permissions to do this, i.e. are one of thesudoers
).su
requires the password of the target account (root
by default, but root account has no password on OS X by default). If you usesu
instead, you can enter the destination account's password and execute a command using that user's privileges.This works by passing all arguments after the user name to the destination account's login shell. Shells usually support
-c <commands>
arguments. In GNU coreutilssu
, there's an actual-c command
argument tosu
that can be placed before the user name.You can
su
to another user account (using the other user account's password), andsudo
from there, provided that other account is asudoer
.If you want neither to enter another account's password, nor give your regular account
sudoers
permissions, you're pretty much out of options unless you consider SSH with key authentication or something like that.