5.3.1 Ensure sudo is installed

Audit

Run the following command to verify that either sudo or sudo-ldap is installed:

# dpkg-query -W sudo sudo-ldap > /dev/null 2>&1 && dpkg-query -W -f='${binary:Package}\t${Status}\t${db:Status-Status}\n' sudo sudo-ldap | awk '($4=="installed" && $NF=="installed") {print "\n""PASS:""\n""Package ""\""$1"\""" is installed""\n"}' || echo -e "\nFAIL:\nneither \"sudo\" or \"sudo-ldap\" package is installed\n"

Remediation

First determine is LDAP functionality is required. If so, then install sudo-ldap, else install sudo.

Example:

# apt install sudo