{"id":13412119,"url":"https://github.com/trifectatechfoundation/sudo-rs","last_synced_at":"2026-01-15T22:18:19.758Z","repository":{"id":65603206,"uuid":"577397570","full_name":"trifectatechfoundation/sudo-rs","owner":"trifectatechfoundation","description":"A memory safe implementation of sudo and su.","archived":false,"fork":false,"pushed_at":"2025-05-07T12:11:23.000Z","size":4109,"stargazers_count":3263,"open_issues_count":52,"forks_count":94,"subscribers_count":27,"default_branch":"main","last_synced_at":"2025-05-08T02:01:52.260Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trifectatechfoundation.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE-APACHE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-12-12T16:40:01.000Z","updated_at":"2025-05-08T01:39:45.000Z","dependencies_parsed_at":"2024-07-08T15:13:18.898Z","dependency_job_id":"c5e4d389-2cbe-48b4-8f81-50a844d3522e","html_url":"https://github.com/trifectatechfoundation/sudo-rs","commit_stats":{"total_commits":1454,"total_committers":36,"mean_commits":"40.388888888888886","dds":0.7242090784044016,"last_synced_commit":"b503b9b20258fb9fe0ee27ddf9ba9a55ea5b2545"},"previous_names":["trifectatechfoundation/sudo-rs","memorysafety/sudo-rs"],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trifectatechfoundation%2Fsudo-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trif
ectatechfoundation%2Fsudo-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trifectatechfoundation%2Fsudo-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trifectatechfoundation%2Fsudo-rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trifectatechfoundation","download_url":"https://codeload.github.com/trifectatechfoundation/sudo-rs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253766659,"owners_count":21960966,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T20:01:21.188Z","updated_at":"2026-01-15T22:18:19.752Z","avatar_url":"https://github.com/trifectatechfoundation.png","language":"Rust","funding_links":[],"categories":["Rust","others"],"sub_categories":[],"readme":"# sudo-rs\n\nA safety oriented and memory safe implementation of sudo and su written in Rust.\n\n## Status of this project\n\nSudo-rs is being developed further; features you might expect from original sudo\nmay still be unimplemented or not planned. If there is an important one you need,\nplease request it using the issue tracker. 
If you encounter any usability bugs,\nalso please report them on the [issue tracker](https://github.com/trifectatechfoundation/sudo-rs/issues).\nSuspected vulnerabilities can be reported on our [security page](https://github.com/trifectatechfoundation/sudo-rs/security).\n\nSudo-rs has been audited twice: an audit of version 0.2.0 was performed in August 2023, and a second audit of version 0.2.8 in August 2025. The audit reports can be found [here](docs/audit).\n\nSudo-rs currently is targeted for FreeBSD and Linux-based operating systems only.\n\n## Installing sudo-rs\n\nYou can install sudo-rs using the package manager of your Linux distribution. Many Linux distributions will also keep\noriginal sudo installed and so offer sudo-rs using modified command names. You can work around that by creating e.g. an `alias`, but that will\nonly change your own invocations of `sudo` to sudo-rs and not affect other programs and scripts that use `sudo`.\n\nTo avoid that and/or to get the latest version, you can use our prepackaged binaries (see below).\n\n### Ubuntu 25.10 (Questing Quokka)\n\nsudo-rs is installed and enabled by default; you can control which sudo version is being used by running\n```sh\nupdate-alternatives --config sudo\n```\nThe sudo-rs package is based on v0.2.8 with additional bug fixes that will be part of v0.2.9.\n\n### Arch Linux\n\nsudo-rs can be installed from the distribution repositories:\n```sh\npacman -S sudo-rs\n```\nThis will offer the functionality using the commands `sudo-rs`, `sudoedit-rs`, `visudo-rs` and `su-rs` to avoid conflicts.\n\nThe sudo-rs package on Arch Linux is typically up-to-date.\n\n### Fedora\n\nOn Fedora you can use:\n```sh\ndnf install sudo-rs\n```\nThis will offer the functionality using the commands `sudo-rs`, `visudo-rs` and `su-rs` to avoid conflicts.\n\nThe version packaged in Fedora is usually the latest.\n\n### Debian\nIf you are running Debian 13 (trixie) or later you can use:\n```sh\napt-get install sudo-rs\n```\nThis 
will offer the functionality using the commands `sudo-rs` and `visudo-rs`. If you want to invoke sudo-rs\nvia the usual commands `sudo` and `visudo` instead, prepend `/usr/lib/cargo/bin` to your current `$PATH` variable.\n\nDue to a misconfiguration in this package, `su-rs` cannot be used because it does not have the setuid flag set.\n\nThe sudo-rs version packaged in Debian 13 (trixie) is based on release 0.2.5 from April 2025 which is missing `sudoedit`, `NOEXEC:`,\nand several other improvements, but is up-to-date with respect to security patches. Debian unstable (sid) may have a newer version.\n\n### FreeBSD\n\nWe are maintaining the FreeBSD port of sudo-rs ourselves, which is available in the ports tree. Sudo-rs is available in two flavours:\n```\npkg install sudo-rs\n```\nThis installs sudo-rs using the commands `sudo`, `visudo` and `sudoedit`. This conflicts with the `security/sudo` package and so you cannot have both\ninstalled at the same time.\n\nAlternatively,\n```\npkg install sudo-rs-coexist\n```\ninstalls the commands as `sudo-rs`, `visudo-rs` and `sudoedit-rs` and does not conflict with the `security/sudo` package.\n\nTo run these commands, the `pkg` utility needs to be using the `2025Q4` quarterly version (or later) of the ports tree. To use the\nabsolute latest version, you can [switch from quarterly to `latest`](https://wiki.freebsd.org/Ports/QuarterlyBranch#How_to_switch_from_quarterly_to_latest).\n\n### NixOS\n\nOn NixOS sudo-rs can be installed by adding the following to your configuration:\n\n```nix\nsecurity.sudo-rs.enable = true;\n```\n\nThis will replace the usual `sudo` and `sudoedit` commands.\n\n### Installing our pre-compiled x86-64 binaries\n\nYou can also switch to sudo-rs manually by using our pre-compiled tarballs.\nWe currently only offer these for x86-64 Linux systems.\n\nWe recommend installing sudo-rs and su-rs in your `/usr/local` hierarchy so it does not affect the integrity of the package\nmanager of your Linux distribution. 
You can achieve this using the commands:\n```sh\nsudo tar -C /usr/local -xvf sudo-0.2.11.tar.gz\n```\nand for su-rs:\n```sh\nsudo tar -C /usr/local -xvf su-0.2.11.tar.gz\n```\nThis will install sudo-rs and su-rs in `/usr/local/bin` using the usual commands `sudo`, `visudo`, `sudoedit` and `su`. Please double check\nthat in your default `PATH`, the folders `/usr/local/bin` and `/usr/local/sbin` have priority over `/usr/bin` and `/usr/sbin`.\n\nIf you **don't** have Todd Miller's `sudo` installed, you also have to make sure that:\n\n* You manually create a `/etc/sudoers` or `/etc/sudoers-rs` file, this could be as simple as:\n\n      Defaults secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\n\n      %sudo ALL=(ALL:ALL) ALL\n\n  `sudo-rs` will try to process `/etc/sudoers-rs` if it exists, otherwise it will use `/etc/sudoers`.\n  For an explanation of the sudoers syntax you can look at the\n  [sudoers man page](https://www.sudo.ws/docs/man/sudoers.man/).\n\n* (Strongly recommended) You create `/etc/pam.d/sudo` and `/etc/pam.d/sudo-i` files that contain (for Debian/Ubuntu):\n\n      session required pam_limits.so\n\n      @include common-auth\n      @include common-account\n      @include common-session-noninteractive\n\n  If you don't do this, either a \"fallback\" PAM policy will be used or `sudo-rs` will simply refuse to run\n  since it cannot initialize PAM. On Fedora, the syntax for PAM configuration is slightly different, but the\n  correct PAM configuration files will most likely be already installed.\n  On FreeBSD, you may want to put these files in `/usr/local/etc/pam.d` instead.\n\n### Building from source\n\nSudo-rs is written in Rust. The minimum required Rust version is 1.70. If your\nLinux distribution does not package that version (or a later one), you can always\ninstall the most recent version through [rustup]. 
You also need the C development\nfiles for PAM (`libpam0g-dev` on Debian, `pam-devel` on Fedora).\n\nOn Ubuntu or Debian-based systems, use the following command to install the PAM development library:\n```\nsudo apt-get install libpam0g-dev\n```\n\nOn Fedora, CentOS and other Red Hat-based systems, you can use the following command:\n```\nsudo yum install pam-devel\n```\n\nWith dependencies installed, building sudo-rs is a simple matter of:\n```\ncargo build --release\n```\n\nThis produces a binary `target/release/sudo`. However, this binary must have\nthe setuid flag set and must be owned by the root user in order to provide any\nuseful functionality. Consult your operating system manual for details.\n\nSudo-rs then also needs the configuration files; please follow the installation\nsuggestions in the previous section.\n\n### Feature flags\n\n#### --features pam-login\nBy default, sudo-rs will use the PAM service name `sudo`. On Debian and Fedora\nsystems, it is customary that the name `sudo-i` is used when the `-i / --login`\ncommand line option is used. To get this behaviour, enable the `pam-login`\nfeature when building:\n```\ncargo build --release --features pam-login\n```\nThis feature is enabled on our pre-supplied binaries.\n\n#### --features apparmor\nsudo-rs has support for selecting AppArmor profile on Linux distributions that\nsupport AppArmor such as Debian and Ubuntu. To enable this feature, build sudo-rs\nwith apparmor support enabled:\n```\ncargo build --release --features apparmor\n```\n\nThis feature is disabled on our pre-supplied binaries.\n\n[rustup]: https://rustup.rs/\n\n## Differences from original sudo\n\nsudo-rs supports less functionality than sudo. Some of this is by design. In\nmost cases you will get a clear error if you try something that is not\nsupported (e.g. 
use a configuration flag or command line option that is not\nimplemented).\n\nExceptions to the above, with respect to your `/etc/sudoers` configuration:\n\n* `use_pty` is enabled by default, but can be disabled.\n* `env_reset` is ignored --- this is always enabled.\n* `visiblepw` is ignored --- this is always disabled.\n* `verifypw` is ignored --- this is always set to `all` (the default).\n* the (NO)PASSWD tag on the \"list\" pseudocommand will determine whether a password\n  is required for the `sudo -U --list` command, instead of `listpw`.\n* `mail_badpass`, `always_set_home`, `always_query_group_plugin` and\n  `match_group_by_gid` are not applicable to our implementation, but ignored for\n  compatibility reasons.\n* `timestamp_type` is always set at `tty`.\n* `sudoedit_checkdir` is always `on`, and `sudoedit_follow` is always `off`.\n* `logfile` is not supported --- logging is always done via syslog.\n\nSome other notable restrictions to be aware of:\n\n* Some functionality is not supported, such as preventing shell escapes using `INTERCEPT` and\n  storing config in LDAP using `sudoers.ldap`, and `cvtsudoers`. This includes `sudo -E`,\n  which is [discouraged](https://www.sudo.ws/docs/troubleshooting/#why-does-sudo-modify-the-commands-environment) in original sudo.\n* Sudo-rs always uses PAM for authentication, so your system must be set up for PAM.\n  Sudo-rs will use the `sudo` and `sudo-i` service configuration. 
This also means\n  that resource limits, umasks, etc. have to be configured via PAM and not through\n  the sudoers file.\n* sudo-rs will not include the sendmail support of original sudo.\n* The sudoers file must be valid UTF-8.\n* To prevent a common configuration mistake in the sudoers file, wildcards\n  are not supported in *argument positions* for a command.\n  E.g., `%sudoers ALL = /sbin/fsck*` will allow `sudo fsck` and `sudo fsck_exfat` as expected,\n  but `%sudoers ALL = /bin/rm *.txt` will not allow an operator to run `sudo rm README.txt`,\n  nor `sudo rm -rf /home .txt`, as with original sudo.\n\nIf you find a common use case for original sudo missing, please create a feature\nrequest for it in our issue tracker.\n\n## Aim of the project\n\nOur current target is to build a drop-in replacement for all common use cases of\nsudo. For the sudoers config syntax this means that we support the default\nconfiguration files of common Linux distributions. Our implementation should support\nall commonly used command line options from the original sudo implementation.\n\nSome parts of the original sudo are explicitly not in scope. Sudo has a large\nand rich history and some of the features available in the original sudo\nimplementation are largely unused or only available for legacy platforms. In\norder to determine which features make it we both consider whether the feature\nis relevant for modern systems, and whether it will receive at the very least\ndecent usage. Finally, of course, a feature should not compromise the safety of\nthe whole program.\n\nOur `su` implementation is made using the building blocks we created for our\nsudo implementation.  It is a suitable replacement for the `su` distributed\nby [util-linux].\n\n[util-linux]: https://github.com/util-linux/util-linux\n\n## Future work\n\nWhile our initial target is a drop-in replacement for most basic use cases of\nsudo, our work may evolve beyond that target. 
We are also looking into\nalternative ways to configure sudo without the sudoers config file syntax and to\nextract parts of our work in usable crates for other people.\n\n## History\n\nThe initial development of sudo-rs was started and funded by the [Internet Security Research Group](https://www.abetterinternet.org/) as part of the [Prossimo project](https://www.memorysafety.org/).\n\n## Acknowledgements\n\nSudo-rs is an independent implementation, but it incorporates documentation and Rust translations of code from [sudo](https://www.sudo.ws/), maintained by Todd C. Miller. We thank Todd and the other sudo contributors for their work.\n\nAn independent security audit of sudo-rs was made possible by the [NLNet Foundation](https://nlnet.nl/), who also [sponsored](https://nlnet.nl/project/sudo-rs/) work on increased compatibility with the original sudo and the FreeBSD port.\n\nThe sudo-rs project would not have existed without the support of its sponsors; a full overview is maintained at https://trifectatech.org/initiatives/privilege-boundary/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrifectatechfoundation%2Fsudo-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrifectatechfoundation%2Fsudo-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrifectatechfoundation%2Fsudo-rs/lists"}