What is coming up in sudo 1.9?

I guess it is not an overstatement to say that many interesting new features are coming to sudo in version 1.9. On the other hand, most sudo users are still only aware of its basic functionality. In this blog I would like to draw your attention to my Opensource.com article, which describes some lesser known features of sudo. Finally, I will point you to four upcoming conference talks about different aspects of sudo.

Many sudo users only know sudo as a prefix for administrative commands. Of course, this is just scratching the surface. You can fine tune permissions, record what is happening on the terminal, extend sudo using plugins, store configuration in LDAP, do extensive logging and much more. Last year I gave a talk about it at All Things Open, and a shortened version of this talk is available on Opensource.com. This article already has an overview of upcoming sudo features, which I quote below.

There is a new version of sudo right around the corner. Version 1.9 will include many interesting new features. Here are the most important planned features:

  • A recording service to collect session recordings centrally, which offers many advantages compared to local storage:
    • It is more convenient to search in one place.
    • Recordings are available even if the client machine is down.
    • Recordings cannot be deleted by a local user who wants to cover their tracks.
  • The audit plugin does not add new features to sudoers, but instead provides an API for plugins to easily access any kind of sudo logs. This plugin enables creating custom logs from sudo events using plugins.
  • The approval plugin enables session approvals without using third-party plugins.
  • And my personal favorite: Python support for plugins, which enables you to easily extend sudo using Python code instead of coding natively in C.

If you would like to learn more about these new features, come to one of our sudo talks in the coming months:

  • What you most likely did not know about sudo… at FOSDEM 2020 in the security track demonstrates some of the existing, lesser known features of sudo together with 1.9 news.
  • Extending sudo in Python at FOSDEM 2020 in the Python track. It gives a quick intro to sudo, then shows how to extend sudo using Python. I will show both code and demonstrate it in use.
  • Enhancing sudo security and more at the 2020 RSA Conference in the Open Source track. This talk focuses on how sudo can enhance security using some of its lesser known features, and gives an intro to 1.9 features, including some minimal Python.
  • What’s new in sudo 1.9 is a talk together with sudo maintainer Todd Miller at SCALE. It will focus on what is new in 1.9 and will discuss implementation details as well as user visible features.

See you soon at one of these events!

If you would like to be notified about new posts and sudo news, sign up for the sudo blog announcement mailing list.