Sudo

The sudo command provides a simple and secure way to configure privilege escalation, e.g. letting normal users to execute certain (or all) commands as root or some different user, possibly without giving a password.

Installation
Install the package

Configuration
The main sudo configuration file is located at /etc/sudoers but should never be edited directly. The directory /etc/sudoers.d/ can also contain various drop-in policy files.

The visudo command provides a safe way to edit the configuration file(s). See the visudo(8) manual page for details. The special syntax is described in the sudoers(5) manual page.

Simple "overkill" policy
To enable any user in the wheel group to run any command as any user (including root) without giving a password remove the # at the beginning of the line....

To add a user to the wheel group run

Then either log out and in again or restart for the groups to be updated.

Tight security policy
If you want to have a more secure sudo policy, make list of all commands that you need to run as root and define a strict sudo policy only for them. An example for a simple one user personal computer:

where larry is the user that should be able to run the commands as root and gentbox is the hostname of the computer.

Usage
Once you have the policies set up, you can prefix any command you wish to run with different permissions with sudo. The simplest case is to run a program as root (assuming you have the right policy set up):

Sudo offers many other sophisticated ways to run a command with different permissions (e.g. only with different group permissions) as documented in the sudo(8) manual page.

Bash Completion
Users that want bash completion with sudo need to run this once.