Privileged Linux Access (sudo or ksu)
See also the Privileged Access Policy for information regarding appropriate use of privileged access.
Privileged access on an Ubuntu computer
The sponsor of a workstation must first request privileged access for an account on that computer using the “Grant Privileged Access to a Computer” webform .
After review by the CSL staff, the user will then be able to use sudo
on the computer to run authorized commands, using their regular CS password.
Privileged access on a CentOS computer
The sponsor of a workstation must first request privileged access for an account on that computer using the “Grant Privileged Access to a Computer” webform . This change takes effect overnight.
If the user has not previously had privileged access to a CentOS computer, they will be notified by the CSL to set a password for their /root Kerberos instance for use with the ksu command.
Using ksu
After the root access change has taken effect and a user has a <username>/root instance and password, use the ksu command when root privileges are required. The command will ask for the <username>/root password and then change the user into root.
Changing the <username>/root password
By default, the temporary password put on username/root is a long random string of characters. To change it, use the passwd command while specifying the <username>/root you are changing - user bucky would type passwd bucky/root.