sudoers - default sudo security policy module DESCRIPTION The sudoers policy module determines a user's sudo privileges. It is the default sudo policy plugin. The policy is driven by the /etc/sudoers file or, optionally in LDAP. The policy format is described in detail in the "SUDOERS FILE FORMAT" section. For information on storing sudoers policy information in LDAP, please see sudoers.ldap(5) . Authentication and Logging The sudoers security policy requires that most users authenticate themselves before they can use sudo . A password is not required if the invoking user is root, if the target user is the same as the invoking user, or if the policy has disabled authentication for the user or command. Unlike su(1) , when sudoers requires authentication, it validates the invoking user's credentials, not the target user's (or root's) credentials. This can be changed via the rootpw , targetpw and runaspw flags, described later. If a user w