Artica’s web interface includes a comprehensive Sudo Management module, allowing administrators to:
- Define fine-grained sudo rules for individual users or groups
- Specify which commands can be run with or without a password
- Preview and validate the generated
/etc/sudoers.d
snippets before applyingAll changes are applied atomically and syntax-checked via
visudo
, ensuring secure, error-free delegation of elevated privileges.
The sudo
package isn’t installed by default on the virtual appliances or when installing Artica from the ISO. To add it, install via apt-get:
apt-get install sudo
After you install the sudo
package, Artica will automatically detect it and enable sudo-privilege management in the System User section.
Sudo privileges can be assigned both at the group level and on a per-user basis.
In this guide, we’ll cover how to define rules for groups—the same procedure applies when configuring individual users.
Under Program, you can specify exactly which commands are permitted to be run with sudo.
This can be the program binary itself—for example, /usr/bin/apt-get
—or a specific command with its arguments, like /usr/bin/apt-get upgrade
.
If you use the wildcard character *
, you grant the user permission to run any command, including spawning a root shell with sudo -s
.
This toggle controls whether sudo
prompts for the user’s password:
sudo
(e.g. /usr/bin/apt-get
) execute as root without any password prompt.sudo /usr/bin/apt-get
(or any other allowed command) requires the invoking user to authenticate by entering their own password.