Sudo Command in Linux
Introduction
You can use the sudo
command to run applications as another user, by default the root user. Sudo is one of the commands that you will use regularly if you spend a lot of time on the command line.
Because you may offer restricted administrative access to particular users without them knowing the root password, using sudo instead of logging in as root is safer.
In this tutorial, you'll learn to use the sudo
command. We will also address a few FAQs on sudo command in Linux.
(sudo command not found) Installing Sudo
Most Linux distributions come with the sudo package pre-installed.
Open your terminal, type sudo
, and press Enter
to see if the sudo package is installed on your machine. If sudo
is installed on the machine, it will display a brief help message. Otherwise, you'll get a message that says sudo command not found
.
If sudo isn't already installed, you can do so using your distro's package manager.
Install Sudo on Ubuntu and Debian
apt install sudo
Install Sudo on CentOS and Fedora
yum install sudo
Adding User to Sudoers
Granting sudo access is usually as simple as adding the user to the sudo group defined in the sudoers file on most Linux distributions. Members of this group will have root privileges and will be able to run any command. The name of the group may vary from one distribution to the next.
wheel
is the name of the sudo group on RedHat - based distributions like CentOS and Fedora. Run the following command to add the user to the group:
usermod -aG wheel username
sudo
access is granted to members of the sudo group on Debian, Ubuntu, and their derivatives:
usermod -aG sudo username
For security reasons, the root user account in Ubuntu is deactivated by default, and users are encouraged to execute system administration activities through sudo. Because the initial user generated by the Ubuntu installer is already a member of the sudo group, if you're using Ubuntu, the user you're signed in as is likely to have sudo rights.
Instead of adding the user to the sudo group, add the users to the sudoers file to allow them to run only selected programs as sudo.
To allow the user vega
to run only the mkdir
command as sudo, for example, type:
sudo visudo
Now append the following line:
vega ALL=/bin/mkdir
The visudo
command opens the /etc/sudoers
file using the vim text editor on most systems. If you're new to vim, take a look at our tutorial on how to save a file and exit the editor.
You may also provide people the ability to perform sudo commands without having to submit their password:
vega ALL=(ALL) NOPASSWD: ALL
How to Use Sudo
Below is the syntax for sudo
command:
sudo OPTION.. COMMAND
The sudo command offers a lot of options that influence how it behaves, although it's commonly used in its most basic form, with no options.
To use sudo, simply type sudo
before the command:
sudo command
The command
for which you want to utilize sudo is the command.
sudo
will check the /etc/sudoers
file to see if the invoking user has sudo assess permissions. You will be prompted for the user password the first time you use sudo in a session, and the command will be run as root.
To list all files in the /root
directory, for example, type:
sudo ls /root
Output
[sudo] password for linuxize:
. .. .bashrc .cache .config .local .profile
Password Timeout
After five minutes of sudo inactivity, sudo will prompt you to enter your password again. The default timeout can be changed by changing the sudoers
file. visudo
is used to open the file:
sudo visudo
Add the line below to set the default timeout, where 10 is the timeout in minutes:
Defaults timestamp_timeout=10
If you only want to alter the timestamp for one user, add the line below, where user_name
is the user's name.
Defaults:user_name timestamp_timeout=10
Run a Command as a User Other than Root
It's a common misconception that sudo
is only used to give regular user root permissions. Actually, you can run a command as any user with sudo
.
You can use the -u
argument to run a command as a certain user.
We'll use sudo
to run the whoami
command as the user "mike" in the following example:
sudo -u richard whoami
The whoami
command prints the name of the user who is running it:
Output
mike
How to Redirect with Sudo
You'll get a "Permission denied" error if you try to redirect the output of a command to a file where your user doesn't have write permissions.
sudo echo "test" > /root/file.txt
Output
bash: /root/file.txt: Permission denied
This occurs because the output redirection “>
” is handled by the user with whom you are now signed in, not the user-specified with sudo. Before the sudo command is executed, the redirection takes place.
One option is to use sudo sh -c
to start a new shell as root.
sudo sh -c 'echo "test" > /root/file.txt'
Another way is to pipe the output to the tee command as a regular user, as seen below:
echo "test" | sudo tee /root/file.txt
FAQs on sudo command in Linux
How do I use the "sudo" command?
To use "sudo," you need to prepend it to the command you want to execute with elevated privileges. For example, sudo apt-get update
will run the "apt-get update" command with administrative privileges.
Who can use the "sudo" command?
By default, the "sudo" command is available to the root user and any user included in the "sudoers" file. The system administrator can grant or restrict "sudo" access to specific users or groups.
Can I specify a time limit for "sudo" access?
Yes, by default, "sudo" grants temporary elevated privileges for a short amount of time. After a period of inactivity, it will prompt for authentication again. This behavior can be customized in the "sudoers" file.
How can I add a user to the "sudoers" file?
The "sudoers" file can be modified using the "visudo" command (which opens the file in a safe way). By adding the user to the file using the correct syntax, the user will be granted "sudo" access.
Can I execute multiple commands using "sudo" at once?
Yes, it is possible to execute multiple commands using "sudo" by separating them with semicolons. For example, sudo command1 ; command2
will execute "command1" followed by "command2" with elevated privileges.
Are there any security risks associated with using "sudo"?
Misusing or improperly configuring "sudo" can lead to security risks. It is important to grant "sudo" access only to trusted users and exercise caution when running privileged commands from untrusted sources.
How can I run a graphical application with "sudo"?
To run a graphical application with "sudo," you can use the command sudo -H <application-name>
. The "-H" option ensures that the application runs with the correct home directory and environment variables.
Conclusion
You've learned how to use the sudo
command as well as how to create new sudo users.
If you have any queries, please leave a comment below and we’ll be happy to respond to them.