Su to root without a password

Now to start off I must say I’m not recommending that you do this, but can be good to know.

If you need to gain root privileges from a user account without a password on a system where you can’t or would prefer not to install sudo, this method could be for you.

As any FreeBSD user knows, sudo is not installed by default with the standard distro, actually a good thing in my opinion. Not forcing extra software on you, instead just letting you decide what you need.

What we are going to do is basically the same thing as this config line for sudo

%wheel ALL=(ALL) NOPASSWD: ALL

Which says, any user in group ‘wheel’ can execute anything, such as a shell, without a password.

The alternative way to this in FreeBSD 5.x and newer, without sudo, is to add a rule into /etc/pam.d/su

auth		sufficient 	pam_group.so 		trust use_uid

The contents of /etc/pam.d/su should now look something like this

# auth
auth		sufficient	pam_rootok.so           no_warn
auth		sufficient	pam_self.so             no_warn
auth		requisite	pam_group.so            no_warn group=wheel root_only fail_safe
auth		sufficient 	pam_group.so            trust use_uid
auth		include		system

# account
account		include		system

# session
session		required	pam_permit.so

Now make sure the user that requires the passwordless access is indeed in wheel. All that’s left to do now is to test by su’ing to root, it should let you right in.

To run a ‘one liner’ as root like you would with ‘sudo whoami’ you can use this command

$ su -m root -c 'whoami'

Bit more to type but it does the job.

When your done you can just disable it by removing/hash the line out of /etc/pam.d/su, no mucking about with packages or ports.

You may also like...