Adding spice to your sudo session with a lecture file on Linux or Unix

Despite some severe bugs in sudo, it remains the defacto tool to gain root shell or run command as another user on Linux, macOS, and Unix-like systems. The sudo command allows the system administrator to grant an individual user access to unprivileged commands. For instance, I can give developers the ability to restart the Apache webserver or PHP/Python process on a Linux server. Let us see how to remind developers and unprivileged users about the power of sudo for fun and profit. In this quick tip, I will show you how to add some spice to your sudo session with a lecture file on Linux or Unix.


Adding spice to your sudo session with a lecture file on Linux or Unix

Every seasoned Unix sysadmin knows the sudo command needs to be used with great caution. Hence sudo has the option to give a message using lecture.

How to force sudo to give a lecture every time our users use it

Edit the config file, run the following command:
sudo visudo
Append the following line after the initial options to make sudo to start the lecture every time a user uses sudo:

Defaults        lecture=always

The above option controls when a short lecture will be printed along with the password prompt. It has the following possible values:

1.   always : Always lecture the user.

2.   never : Never lecture the user.

3.   once : Only lecture the user the first time they run sudo.

Save and close the file. Let us invalidates the user’s cached credentials and test it:

sudo -k

## or ##

sudo --reset-timestamp


## Try to gain root shell  ##

sudo -i

Now our Unix developers and other Linux users will get a boring lecture:

Lovely, right? But wait, there is more. We can change this message and make it more friendly. Again safely edit the sudoers file by typing the following command:
sudo visudo
Append another config option:

Defaults       lecture_file=/etc/sudo_lecture.txt

Save and close the file when using vi or vim. Here is the config file for your reference displayed using the cat command:
sudo cat /etc/sudoers

Creating /etc/sudo_lecture.txt

sudo vim /etc/sudo_lecture.txt
Append stuff (download sudo_lecture.txt file to avoid printing garbage on screen):




│                                          │

│ mmmm                                     │

│ #   "m  mmm   m mm    mmmm   mmm    m mm │

│ #    # "   #  #"  #  #" "#  #"  #   #"  "

│ #    # m"""#  #   #  #   #  #""""   #    │

│ #mmm"  "mm"#  #   #  "#m""#mm"   #    │

│                       m  #               │

│                        ""                │




Please be cautious while using sudo as you could end up damaging the system.

Our fancy sudo warning or lecture is here:

Let us use the toilet command:
sudo sh -c 'toilet -f bubble --metal "Be careful with sudo" > /etc/sudo_lecture.txt'
sudo -k
sudo -i

Groot prompt so spice up to your sudo session

Try groot prompt (download the groot.txt file using curl command or wget to avoid printing escape characters on screen):

     ^[[00;32m  \^V//

     ^[[00;33m  |^[[01;37m. ^[[01;37m.^[[00;33m|   ^[[01;34m I AM (G)ROOT!

     ^[[00;32m- ^[[00;33m\ - / ^[[00;32m_

     ^[[00;33m \_| |_/

     ^[[00;33m   \ \

     ^[[00;31m __^[[00;33m/^[[00;31m_^[[00;33m/^[[00;31m__

     ^[[00;31m|_______|  ^[[00;37m With great power comes great responsibility.

     ^[[00;31m \     /   ^[[00;37m Use sudo wisely.

     ^[[00;31m  \___/



The lecture file is a cool idea when combined with ANSI escape code for colours and other CLI utilities such as toilet and figlet.