Sudo access w/ new builtin_administrators user

Hello,

I just wanted to confirm my understanding on how the sudo shell privileges work for users in TrueNAS.

Just to be precise, my understanding is that on a default installation, all of the options under the “Authentication” section for the root user are disabled, including “Allow sudo privileges.” The root user also has it’s password login disabled.

The installation creates a default admin user that goes under the group builtin_administrators. This user can access root through the shell by entering sudo su.

The reason I’m clarifying is because I created a new non-default admin user who’s primary group is admin the users Shell is set to TrueNAS CLI and is also in the builtin_administrators and builtin_users and i checked off the Allow Sudo..., but the sudo in the shell does not work.

Is this the intention? I’m able to get sudo to work if i change the users shell to zsh or something similar.

Thanks!

The TrueNAS CLI is not a traditional *nix shell but more like a wrapper for the TrueNAS API with specific defined namespaces (use ls to see your options). It has no concept of sudo. So when you type sudo COMMAND into the TrueNAS CLI and it fails, it isn’t telling you that you don’t have sudo permissions, it’s telling you that the TN CLI doesn’t know what you’re trying to do.

If sudo is working in a zsh shell, then it’s working as intended.