Wednesday, September 24, 2008

Sudo not included in default Solaris 10 installs

To my surprise, my "default installation" of Solaris 10 that seems to install every known package in the world (who needs Firefox on a server?!?!) does not include "sudo." Apparently, it's on the Companion DVD or available for download from

There are also a couple interesting twists with the default package install. One is that the package is installed in /opt/sfw. This includes the sudoers file, which is located and read from /opt/sfw/etc/. In my opinion, this is a pain, because it doesn't put sudo or visudo in the normal default $PATH=/usr/bin:/usr/sbin:/bin:/sbin. I ended up creating symlinks for /etc/sudoers, /usr/bin/sudo, and /usr/sbin/visudo to the appropriate locations in /opt/sfw.

Another strange twist is that after the install, you need to chmod the sudo command with "chmod 4111 sudo" because Solaris doesn't inherently trust the package and it's files. This is another annoyance, since obviously anyone installing sudo had to take extra steps to do so in the first place and obviously already trusts its integrity.

Chalk up another reason why I like Linux over Solaris.


Drake.Mobius said...

I don't think two operating systems being different constitutes any argument for the superiority of one over the other. I prefer linux, too, but it's best to elucidate our actual reasons.

Solaris doesn't use sudo because it uses RBAC. Sudo is intended for manual use (i.e. not the default of everyone-should), and trying to shoehorn solaris into the linux mindset is a task destined for failure.

I am aware this post is over 1 year old. Maybe my comments are no longer relevant! But I am a sharing kinda dude.

President Not Sure said...

I'm a contractor working in the San Jose, San Francisco, Sacramento triangle. I've worked for a number of well known companies. I have yet to encounter anyone who actually uses RBAC. Just like I have not actually seen anyone use NIS+

MeltingSnowtime said...

I'm a Solaris Admin from way back and believe in trying the vanilla setup in any OS. I think things generally work better if all the bits are part of the general mindset of the OS. SO I tried RBAC ... no, I mean I relly tried. But I didn't succeed. Sudo is just easy, and it's used on my Mac at home too, so why not just go with what works.

*tc said...

Thanks for the post, and to those who commented. I was tempted to try out RBAC becasue, as MeltingSnowtime said, "...generally work better if all the bits are part of the general mindset of the OS."

With that, I will install sudo instead.