Sudo_privileges
# Chapter 9: sudo and Privilege Escalation

## Overview

This chapter covers sudo configuration and privilege escalation techniques for secure system administration.
## 9.1 Understanding sudo

### sudo vs su

```
                         sudo vs su Flow
+------------------------------------------------------------------+
|                                                                  |
|  Using sudo:                                                     |
|  +---------+      +-------+      +--------------+                |
|  | Regular |----->| sudo  |----->|    Verify    |                |
|  |  User   |      |command|      | /etc/sudoers |                |
|  +---------+      +-------+      +--------------+                |
|                                         |                        |
|                                         v                        |
|                                  +--------------+                |
|                                  |  Permission  |                |
|                                  |    Check     |                |
|                                  +--------------+                |
|                                         |                        |
|                                         v                        |
|                                  +--------------+                |
|                                  |   Execute    |                |
|                                  |   Command    |                |
|                                  +--------------+                |
|                                                                  |
|  Using su:                                                       |
|  +---------+      +-------+      +--------------+                |
|  | Regular |----->| su -  |----->|     Root     |                |
|  |  User   |      |       |      |   Password   |                |
|  +---------+      +-------+      +--------------+                |
|                                         |                        |
|                                         v                        |
|                                  +--------------+                |
|                                  |     Root     |                |
|                                  |    Shell     |                |
|                                  +--------------+                |
|                                                                  |
+------------------------------------------------------------------+
```

---

## 9.2 sudo Configuration
### Basic sudo Usage

```bash
# Run command as root
sudo command

# Run command as specific user
sudo -u username command

# Run command as root with environment
sudo -i command

# Edit file with root privileges
sudoedit /etc/file
sudo -e /etc/file
```

### /etc/sudoers Configuration

```bash
# Basic sudoers file
# User privilege specification
username ALL=(ALL:ALL) ALL

# Group privilege specification
%groupname ALL=(ALL:ALL) ALL

# No password required
username ALL=(ALL) NOPASSWD: ALL

# Specific command only
username ALL=(ALL) /usr/bin/systemctl restart nginx
```

---

## 9.3 Arch Linux sudo Setup
### Installing and Configuring sudo

```bash
# Install sudo (usually pre-installed)
sudo pacman -S sudo

# Add user to wheel group
sudo usermod -aG wheel username

# Configure wheel group
sudo visudo
# Uncomment: %wheel ALL=(ALL) ALL
```

---

## 9.4 Privilege Escalation
### Checking sudo Access

```bash
# Check your sudo privileges
sudo -l

# Check specific user's privileges
sudo -l -U username
```

### Common sudo Commands

```bash
# System administration
sudo systemctl restart service
sudo systemctl status nginx
sudo journalctl -u service

# File operations
sudo cat /etc/shadow
sudo chmod 777 /path        # 777 is world-writable; prefer the narrowest mode that works
sudo chown user:group /path

# Network operations
sudo iptables -L
sudo netstat -tulpn

# Package management (Arch)
sudo pacman -S package
yay -S package  # If in sudoers
```

---
## 9.5 Security Best Practices

```bash
# Best practices for sudo

# 1. Use specific commands instead of ALL
username ALL=(ALL) /usr/bin/systemctl restart nginx

# 2. Use NOPASSWD sparingly
# Only for specific automated tasks
username ALL=(ALL) NOPASSWD: /path/to/script.sh

# 3. Log all sudo usage
# In /etc/sudoers
Defaults logfile=/var/log/sudo.log

# 4. Require password for dangerous commands
username ALL=(ALL) /bin/rm, /bin/mkfs, /usr/bin/pacman -S*
```

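
The four rules above can be checked mechanically. This added example (not part of the original chapter) is a POSIX shell lint that reads sudoers text and flags rules granting `ALL`, `NOPASSWD` use, wildcards in command arguments, and a missing `Defaults logfile=`; the sample rules, the `sample_sudoers` and `audit_sudoers` names and the output format are constructed for illustration.

```bash
# Added example: lint sudoers text against the practices in section 9.5.
# Assumed simplifications: one rule per line, tags only before the command
# list, no aliases or escaped commas. Not a substitute for `visudo -c`.
sample_sudoers() {   # constructed sample rules, not from a real system
  cat <<'EOF'
Defaults env_reset
alice   ALL=(ALL:ALL) ALL
%wheel  ALL=(ALL) NOPASSWD: ALL
deploy  ALL=(ALL) /usr/bin/systemctl restart nginx
backup  ALL=(root) NOPASSWD: /path/to/script.sh
ops     ALL=(ALL) /bin/rm, /usr/bin/pacman -S*
EOF
}
# Reads sudoers text on stdin; prints "line:LEVEL:who:message" per finding.
audit_sudoers() (
  set -f                        # rules contain '*': never glob-expand them
  n=0; has_log=0
  while read -r line; do        # default IFS trims surrounding whitespace
    n=$((n + 1))
    case $line in
      Defaults*logfile=*)         has_log=1; continue ;;
      ''|'#'*|*_Alias*|Defaults*) continue ;;
      *=*) ;;
      *)   continue ;;
    esac
    set -- $line; who=$1
    set -- ${line#*=}; spec=$*                               # text after "host="
    case $spec in '('*) set -- ${spec#*\)}; spec=$* ;; esac  # drop (runas)
    nopass=0; all=0
    while :; do                                              # peel leading tags
      case $spec in NOPASSWD:*) nopass=1 ;; PASSWD:*|SETENV:*|NOEXEC:*) ;; *) break ;; esac
      set -- ${spec#*:}; spec=$*
    done
    old=$IFS; IFS=,; set -- $spec; IFS=$old                  # split command list
    for cmd in "$@"; do
      cmd=${cmd# }; cmd=${cmd% }
      case $cmd in
        ALL) all=1; lvl=WARN; if [ "$nopass" = 1 ]; then lvl=HIGH; fi
             printf '%s:%s:%s:grants ALL commands\n' "$n" "$lvl" "$who" ;;
        *[*?]*) printf '%s:WARN:%s:wildcard spans arguments: %s\n' "$n" "$who" "$cmd" ;;
      esac
    done
    if [ "$nopass" = 1 ] && [ "$all" = 0 ]; then
      printf '%s:NOTE:%s:NOPASSWD, confirm it is an automated task\n' "$n" "$who"
    fi
  done
  if [ "$has_log" = 0 ]; then printf '0:NOTE:-:no Defaults logfile= set\n'; fi
)
sample_sudoers | audit_sudoers
```

sudoers matches command-line arguments as one concatenated string, so the `-S*` in rule 4 above also matches any further arguments placed after the package name; that is why the lint reports wildcards separately from `ALL`.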
---
## Summary
This chapter covered:

- ✅ sudo vs su difference
- ✅ Basic sudo configuration
- ✅ /etc/sudoers syntax
- ✅ Arch Linux sudo setup
- ✅ Privilege escalation commands
- ✅ Security best practices

---
## Next Chapter
[Chapter 10: PAM and Authentication](./10_pam_authentication.md)
---
*Last Updated: February 2026*