Skip to content
/ ReplaceSudo Public

How to replace the bloaded Sudo binary with OpenDoas on Linux

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

emdnaia/ReplaceSudo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Replace Sudo with OpenDoas

  • The package is called opendoas and is present at almost any major Linux distro!
  • Steps are 0 ) adding the user to the wheel grp (should be default most cases), 1) adding that grp and allowing longer persistence before timeouts & 2-3) disabling the sudo binary
# 0 add to wheel grp
sudo usermod -aG wheel myuser

# 1 change /etc/doas.conf to only allow wheel users
permit persist :wheel

# 2 disable rather than remove the sudo binary
sudo chmod 0 /usr/bin/sudo

# 3 make it sticky to prevent changes
doas chattr +i /usr/bin/sudo

In case you wanna reenable sudo some day

doas chmod 4711 /usr/bin/sudo
doas chattr -i /usr/bin/sudo

About

How to replace the bloaded Sudo binary with OpenDoas on Linux

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published