How to Install and Run sudo on FreeBSD


If you're coming from any Linux distributions, chances that you're already familiar with sudo. Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. Unlike su, sudo authenticates users against their own password rather than that of the target user. Sudo allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. This allow the delegation of specific commands to specific users on specific hosts without sharing passwords among them.

Sudo Installation

Using FreeBSD Ports Collection

# cd /usr/ports/security/sudo/
# make install clean

Using FreeBSD Package Management Tool

# pkg install sudo

If this is the first time you're running pkg and the package management tool is not installed yet on your system, it will responds with something like below:

root@freebsd-13:~ # pkg install sudo
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y

You can safely enter "y" here.

Sudo Configuration

To configure sudo, we can use visudo.

# visudo

It will open sudo configuration file. Change these line:

## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL

so it become:

## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL

It will allow users member of wheel group to run sudo. Save and close the file.

Note: The visudo utility performs syntax checking before committing your edits to the file. A malformed sudoers file can break your system. Never edit /etc/sudoers directly.

User configuration

As mentioned above, users need to be a member of wheel group. For example, to add user jason to wheel group, run this command:

# pw group mod wheel -m jason
# id jason
jason) gid=1002(jason) groups=1002(jason),0(wheel)

Test and Verification

Switch to the new user using this command:

# su - jason

First, verify that we're acting as user jason with whoami. Then we test sudo access with sudo whoami, which should return root.

$ whoami
$ sudo whoami

Sudo Alternative

Some of FreeBSD sysadmins prefer doas than sudo. If you want to use doas, here's how to install it.

# pkg install doas

Adjust doas Configuration File

The doas configuration file is stored in /usr/local/etc/doas.conf. First, we need to create the configuration file /usr/local/etc/doas.conf.

# vi /usr/local/etc/doas.conf

To achieve similar effect like sudo above, add this one line:

permit keepenv :wheel

And you're good to go.

Final Words

I hope that you now know how to install sudo on FreeBSD 13. If you run into any issues or have any feedback feel free to drop a comment below.

Tags FreeBSD

0 comment

Leave a reply

Your email address will not be published. Required fields are marked *