Background
In Linux, a superuser is a user who can run any command at the highest permission level, never limited by permissions (just like the `root` user).
A regular system user can be granted sudo access, allowing them to run commands as a superuser.
However, first, they must enter their password.
After they enter their password, they're granted elevated permissions for a limited amount of time. During this timeframe, they can run any command with elevated privileges.
Once the session expires, they must re-authenticate before running any more privileged commands.
gm_sudo operates under the same principles. Any authorized player can authenticate (via password) and enter sudo mode for a limited amount of time.
General Idea:
- Instead of having a superadmin rank, all administrators just have an "Admin" rank (
:IsAdmin(), but not:IsSuperAdmin()) - Qualified users may receive a Sudo login
- Once a player successfully enters Sudo mode, they can perform any action as a superadmin for some period of time
- Once Sudo expires, the user will have the same permissions as they did pre-sudo mode
✅ Benefits
This makes your server more secure.
Instead of always having superadmin access, staff must authenticate before using privileged tools (running serverside code, configuring addons, etc.) This way, if a staff member is compromised, your server remains safe.
At minimum, your server's attack surface decreases significantly.
❌ Drawbacks
Always, with every tool we use, we must find a balance between Security and Convenience.
Making your applications more secure means making them less convenient to use legitimately.
Two factor authentication makes your accounts significantly harder to hack, but it makes it inconvenient to log in every time.
In the same vein, using gm_sudo is inconvenient.
Instead of simply tweaking an addon setting or running a quick script, the staff must authenticate with gm_sudo.
It only requires them to enter a password but, still, it's a barrier to doing their job.
gm_sudo is recommended for everyone, but especially so for larger servers.
If you're a smaller server, gm_sudo can help keep you safer, but may not be as valuable.
- Nothing in the global scope
- Each step of the transaction protected by tokens
- Limited time to enter password
- Full SHA-2/SHA-3 implementation, configurable encryption algorithm
- Passwords are salted
- Passwords never stored plainly in a variable
Simply download a copy of the zip, or clone the repository straight into your addons folder!
Pre-compiled versions are available in Releases
The lua branch is a lua-only branch containing the compiled code from the most recent release. One can use this to easily keep gm_sudo up to date.
git clone --single-branch --branch lua git@github.com:CFC-Servers/gm_sudo.gitgm_sudo uses CFCLogger as its logger, but is able to function without it.
Adding CFCLogger will allow you to configure which "level" of logging you want to see (pretty noisy by default).
Anyone with rcon (or direct terminal) access to the server can use the sudoadd <steamid> command:
sudoadd "STEAM_1:0:21170873"
The targeted user will be prompted to enter a password. Once they hit enter, the server will receive, encrypt, salt, and store the password.
Now that the user has a gm_sudo account, they can run the sudo command locally, where they're prompted to enter their password. Once they submit the correct password, they'll be allowed to perform any action requiring superadmin access.
If a user forgets their password, you can simply run sudoadd again, and the password they enter will overwrite their previous password.
If you need to remove a user, you can run sudoremove "steamid" (works the same way as sudoadd, but in reverse) to remove their gm_sudo account.
This addon comes with the following Convars:
Which can be one of the following (default: sha512):
md5sha1sha224sha256sha512_224sha512_256sha384sha512sha3_224sha3_256sha3_384sha3_512shake128shake256
An integer representing the number of seconds a Sudo session should last before the user must re-authenticate.
TODO