The sudo command allows you to run programs as another user, by default the root user. If you spend a lot of time on the command line, sudo is one of the commands that you will use quite frequently.
Using sudo instead of login in as root is more secure because you can grant limited administrative privileges to individual users without them knowing the root password.
In this tutorial, we will explain how to use the sudo command.
Table of Contents
The sudo package is pre-installed on most Linux distributions.
To check whether the sudo package is installed on your system, open up your console, type sudo, and press Enter. If you have sudo installed the system will display a short help message, otherwise you will see something like sudo command not found.
If sudo is not installed you can easily install it using the package manager of your distro.
apt install sudoyum install sudoBy default on most Linux distributions granting sudo access is as simple as adding the user to the sudo group defined in thesudoers file. Members of this group will be able to run any command as root. The name of the group may differ from distribution to distribution.
On RedHat based distributions such as CentOS and Fedora, the name of the sudo group is wheel. To add the user to the group run:
usermod -aG wheel usernameOn Debian, Ubuntu and their derivatives, members of the group sudo are granted with sudo access:
usermod -aG sudo usernameThe root user account in Ubuntu is disabled by default for security reasons and users are encouraged to perform system administrative task using sudo. The initial user created by the Ubuntu installer is already a member of the sudo group so if you are running Ubuntu chances are that the user you are logged in as is already granted with sudo privileges.
If you want to allow a
specific user to run only certain programs as sudo, instead of adding
the user to the sudo group add the users to the sudoers file.
For example to allow the user learncybers to run only the mkdir command as sudo, type:
sudo visudoand append the following line:
learncybers ALL=/bin/mkdirOn most systems, the visudo command opens the /etc/sudoers file with the vim text editor. If you don’t have experience with vim check our article about how to save a file and quit the vim editor.
You can also allow users to run sudo commands without entering password:
learncybers ALL=(ALL) NOPASSWD: ALLThe syntax for the sudo command is as follows:
sudo OPTION.. COMMANDThe sudo command has many options that control its behavior but usually sudo is used in its most basic form, without any option.
To use sudo, simply prefix the command with sudo:
sudo commandWhere command is the command for which you want to use sudo.
Sudo will read the /etc/sudoers
file and check whether the invoking user is granted with sudo assess.
The first time you use sudo in a session, you will be prompted to enter
the user password and the command will be executed as root.
For example, to list all files in the /root directory you would use:
sudo ls /root[sudo] password for learncybers:
. .. .bashrc .cache .config .local .profileBy
default, sudo will ask you to enter your password again after five
minutes of sudo inactivity. You can change the default timeout by
editing the sudoers file. Open the file with visudo:
sudo visudoSet the default timeout by adding the line below, where 10 is the timeout specified in minutes:
Defaults timestamp_timeout=10If you want to change the timestamp only for a specific user add the following line, where user_name is the user in question.
Defaults:user_name timestamp_timeout=10There is a wrong perception that sudo is used only to provide root permissions to a regular user. Actually, you can use sudo to run a command as any user.
The -u option allows you to run a command as a specified user.
In the following example we are using sudo to run the whoami command as a user “learn”:
sudo -u learn whoamiThe whoami command will print the name of the user running the command:
learnIf you try to redirect the output of a command to a file that your user has no write permissions, you will get “Permission denied” error.
sudo echo "test" > /root/file.txtbash: /root/file.txt: Permission deniedThis happens because the redirection “>”
of the output is performed under the user you are logged in, not the
user specified by sudo. The redirection happens before the sudo command is invoked.
One solution is to invoke a new shell as root by using sudo sh -c:
sudo sh -c 'echo "test" > /root/file.txt'Another option is to pipe the output as a regular user to the tee command as shown below:
echo "test" | sudo tee /root/file.txtYou have learned how to use the sudo command and how to create new users with sudo privileges.
If you have any questions, feel free to leave a comment.
NGINX Server Nginx, a popular open-source web server, excels at handling high traffic websites efficiently.… Read More
In the realm of web hosting, choosing the right web server is paramount. It acts… Read More
Are indispensable for ensuring smooth, precise linear motion in many industrial applications. Whether in robotics,… Read More
Cyber attacks are becoming more frequent, complex, and damaging. They can disrupt critical operations and… Read More
With the rise of new threats and the increasing complexity of IT environments, organizations need… Read More
1. Introduction In software design, managing complex systems can be challenging. The Facade Design Pattern… Read More