Sep 14, 2023 5 min read

Sudo Command in Linux

Use the sudo command with our step-by-step tutorial. Using sudo instead of logging in as root is safer.

Sudo Command in Linux
Table of Contents

Introduction

You can use the sudo command to run applications as another user, by default the root user. Sudo is one of the commands that you will use regularly if you spend a lot of time on the command line.

Because you may offer restricted administrative access to particular users without them knowing the root password, using sudo instead of logging in as root is safer.

In this tutorial, you'll learn to use the sudo command. We will also address a few FAQs on sudo command in Linux.

(sudo command not found) Installing Sudo

Most Linux distributions come with the sudo package pre-installed.

Open your terminal, type sudo, and press Enter to see if the sudo package is installed on your machine. If sudo is installed on the machine, it will display a brief help message. Otherwise, you'll get a message that says sudo command not found.

If sudo isn't already installed, you can do so using your distro's package manager.

Install Sudo on Ubuntu and Debian

apt install sudo

Install Sudo on CentOS and Fedora

yum install sudo

Adding User to Sudoers

Granting sudo access is usually as simple as adding the user to the sudo group defined in the sudoers file on most Linux distributions. Members of this group will have root privileges and will be able to run any command. The name of the group may vary from one distribution to the next.

wheel is the name of the sudo group on RedHat - based distributions like CentOS and Fedora. Run the following command to add the user to the group:

usermod -aG wheel username

sudo access is granted to members of the sudo group on Debian, Ubuntu, and their derivatives:

usermod -aG sudo username

For security reasons, the root user account in Ubuntu is deactivated by default, and users are encouraged to execute system administration activities through sudo. Because the initial user generated by the Ubuntu installer is already a member of the sudo group, if you're using Ubuntu, the user you're signed in as is likely to have sudo rights.

Instead of adding the user to the sudo group, add the users to the sudoers file to allow them to run only selected programs as sudo.

To allow the user vega to run only the mkdir command as sudo, for example, type:

sudo visudo

Now append the following line:

vega  ALL=/bin/mkdir

The visudo command opens the /etc/sudoers file using the vim text editor on most systems. If you're new to vim, take a look at our tutorial on how to save a file and exit the editor.

You may also provide people the ability to perform sudo commands without having to submit their password:

vega  ALL=(ALL) NOPASSWD: ALL

How to Use Sudo

Below is the syntax for sudo command:

sudo OPTION.. COMMAND

The sudo command offers a lot of options that influence how it behaves, although it's commonly used in its most basic form, with no options.

To use sudo, simply type sudo before the command:

sudo command

The command for which you want to utilize sudo is the command.

sudo will check the /etc/sudoers file to see if the invoking user has sudo assess permissions. You will be prompted for the user password the first time you use sudo in a session, and the command will be run as root.

To list all files in the /root directory, for example, type:

sudo ls /root
Output

[sudo] password for linuxize:
.  ..  .bashrc	.cache	.config  .local  .profile

Password Timeout

After five minutes of sudo inactivity, sudo will prompt you to enter your password again. The default timeout can be changed by changing the sudoers file. visudo is used to open the file:

sudo visudo

Add the line below to set the default timeout, where 10 is the timeout in minutes:

Defaults  timestamp_timeout=10

If you only want to alter the timestamp for one user, add the line below, where user_name is the user's name.

Defaults:user_name timestamp_timeout=10

Run a Command as a User Other than Root

It's a common misconception that sudo is only used to give regular user root permissions. Actually, you can run a command as any user with sudo.

You can use the -u argument to run a command as a certain user.

We'll use sudo to run the whoami command as the user "mike" in the following example:

sudo -u richard whoami

The whoami command prints the name of the user who is running it:

Output

mike

How to Redirect with Sudo

You'll get a "Permission denied" error if you try to redirect the output of a command to a file where your user doesn't have write permissions.

sudo echo "test" > /root/file.txt
Output

bash: /root/file.txt: Permission denied

This occurs because the output redirection “>”  is handled by the user with whom you are now signed in, not the user-specified with sudo. Before the sudo command is executed, the redirection takes place.

One option is to use sudo sh -c to start a new shell as root.

sudo sh -c 'echo "test" > /root/file.txt'

Another way is to pipe the output to the tee command as a regular user, as seen below:

echo "test" | sudo tee /root/file.txt

FAQs on sudo command in Linux

How do I use the "sudo" command? 

To use "sudo," you need to prepend it to the command you want to execute with elevated privileges. For example, sudo apt-get update will run the "apt-get update" command with administrative privileges.

Who can use the "sudo" command? 

By default, the "sudo" command is available to the root user and any user included in the "sudoers" file. The system administrator can grant or restrict "sudo" access to specific users or groups.

Can I specify a time limit for "sudo" access? 

Yes, by default, "sudo" grants temporary elevated privileges for a short amount of time. After a period of inactivity, it will prompt for authentication again. This behavior can be customized in the "sudoers" file.

How can I add a user to the "sudoers" file? 

The "sudoers" file can be modified using the "visudo" command (which opens the file in a safe way). By adding the user to the file using the correct syntax, the user will be granted "sudo" access.

Can I execute multiple commands using "sudo" at once?

Yes, it is possible to execute multiple commands using "sudo" by separating them with semicolons. For example, sudo command1 ; command2 will execute "command1" followed by "command2" with elevated privileges.

Are there any security risks associated with using "sudo"? 

Misusing or improperly configuring "sudo" can lead to security risks. It is important to grant "sudo" access only to trusted users and exercise caution when running privileged commands from untrusted sources.

How can I run a graphical application with "sudo"? 

To run a graphical application with "sudo," you can use the command sudo -H <application-name>. The "-H" option ensures that the application runs with the correct home directory and environment variables.

Conclusion

You've learned how to use the sudo command as well as how to create new sudo users.

If you have any queries, please leave a comment below and we’ll be happy to respond to them.

Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to DevOps Blog - VegaStack.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.