- 10+ sudo command examples in Linux [Cheat Sheet]
- How to install sudo
- Syntax for sudo command
- Different examples to use sudo command
- 1. Use sudo to run command as a root user
- 2. Use sudo to run command as a different user
- 3. List user privileges with sudo command
- 4. Display privileges for another user with sudo command
- 5. sudo command to add a user to the sudo group
- 6. sudo command to add users to the sudoers file
- 7. Run command in the background with sudo
- 8. Update sudoers files using sudo command
- 9. sudo command to update the user’s cached credentials
- 10. sudo command to invalidate user’s cached credentials
- 11. sudo command to remove the user’s timestamp completely
- sudo command vs su command
- Conclusion
- What’s Next
- Further Reading
- sudo command in Linux with examples
- sudo Command in Linux
- sudo Command Examples
- Conclusion
10+ sudo command examples in Linux [Cheat Sheet]
sudo command in Linux stands for Super User DO. It allows you to execute a command as another user, including the superuser. sudo is an efficient way to access the root privileges and execute the command as the root user. With sudo, you can access the root privileges without knowing the root password or logging as the root user. The user needs to have the sudo privileges to run the sudo command.
How to install sudo
In most of the Linux distributions, sudo is pre-installed on the system. However, if you do not find the sudo package on the system, you can install it from the default package management repositories.
To install sudo on CentOS, Fedora, and RHEL
To install sudo on Ubuntu and Debian
Syntax for sudo command
The security policy determines whether or not a user has sudo privileges. The default security policy is sudoers configured in the file /etc/sudoers.
The general syntax for sudo command is as follows:
Some of the options available in sudo command are:
- -V: display version information of sudo
- -h: display help message and exit
- -l: list user’s privileges or check a specific command
- -k: reset the user’s timestamp
- -u: run the command as a different user
Different examples to use sudo command
1. Use sudo to run command as a root user
By default, when no user is specified, the sudo runs a command as a root user. It is mostly used to run the command which needs root permission.
Sample Output:
When listing the root directory, the permission was denied because only the root user can list the root directory. But, after using the sudo command, we can list the root directory.
Similarly, when you want to install, remove, or update the package in the system, you will need the root privilege. You can use sudo command to install the package without logging in as a root user.
2. Use sudo to run command as a different user
The -u or —user option allows you to run a command as the specified user name or user ID. So, you can run the command as a user other than the root.
Sample Output:
golinux@ubuntu-PC:~$ sudo -u deepak whoami deepak You can also change the password of another user without logging in.
golinux@ubuntu-PC:~$ sudo passwd deepak New password: Retype new password: passwd: password updated successfully 3. List user privileges with sudo command
The -l or —list option is used to list user’s privileges on the output. You can use this option twice for a longer format.
Sample Output:
It shows the user golinux can run all the commands with sudo on the system.
deepak@ubuntu:~$ sudo -l [sudo] password for deepak: Matching Defaults entries for deepak on ubuntu: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin User deepak may run the following commands on ubuntu: (ALL : ALL) ALL Use -l twice for longer output:
deepak@ubuntu:~$ sudo -ll Matching Defaults entries for deepak on ubuntu: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin User deepak may run the following commands on ubuntu: Sudoers entry: RunAsUsers: ALL RunAsGroups: ALL Commands: ALL It also checks for a specific command in the system. Let’s check the command adduser and nmap using sudo -l .
As you can see, it does not run the command but only checks where it is located in the system.
golinux@ubuntu-PC:~$ sudo -l adduser /usr/sbin/adduser 4. Display privileges for another user with sudo command
You can use -U or —other-user option with -l option to display the user privileges of the given user.
Sample Output:
As you can see, the user deepak does not have sudo privileges but the root user can run all the commands.
5. sudo command to add a user to the sudo group
When you add a user to the sudo group, that user will be able to run all commands with sudo. You can add a user to the sudo group with the following command on Ubuntu and Debian.
$ sudo usermod -aG sudo user Sample Output:
On RHEL, CentOS, and Fedora, you can use:
$ sudo usermod -aG wheel user 6. sudo command to add users to the sudoers file
The user and group sudo privileges are defined in the /etc/sudoers file. The user who is listed in the sudoers file has sudo privileges and can run sudo command. You can add a user in the sudoers file by using visudo command.
Sample Output:
You need to add [username] ALL=(ALL:ALL) ALL on the User privilege specification as shown in the image below.
7. Run command in the background with sudo
The -b or —background option can be used to run the given command in the background. When you use this option, you cannot use shell job control to manipulate the process.
8. Update sudoers files using sudo command
Normally visudo is used to add/remove/modify sudoers entry in /etc/sudoers but if you intend to add another file inside /etc/sudoers.d then you can edit files in the terminal using -e or —edit option with sudo command. This is the recommended way when we are updating sudoers entry for any user to avoid any syntax errors.
Sample Output:
You can only edit files on the directory which is non-writable. It opens a nano editor to edit a file.
$ sudo -e /etc/sudoers.d/01-sudo-rule
This will create a new sudo rule inside /etc/sudoers.d based on the content added in this file. Now if you didn’t followed proper syntax while adding sudo rules, then after svaing the file, you won’t be able to access the file again or you may not able to save the file itself. Here is a sample error when I intentionally gave a wrong syntax in my sudoers file
deepak@ubuntu:~$ sudo -e /etc/sudoers.d/01-sudo-rule >>> /etc/sudoers.d/01-sudo-ssh: syntax error near line 2 9. sudo command to update the user’s cached credentials
The -v or —validate option tells sudo to update the user’s cached credentials. It updates user’s timestamp without running a command.
Sample Output:
It does not print any output but displays an error if the user does not have sudo privileges.
golinux@ubuntu-PC:~$ sudo -v [sudo] password for golinux:
10. sudo command to invalidate user’s cached credentials
The -k or —reset-timestamp option remove the user’s timestamp or cached credentials. So, when you run the sudo command next time, you will require a password. It allows a user to revoke sudo permissions from a .logout file.
Sample Output:
11. sudo command to remove the user’s timestamp completely
The -K or —remove-timestamp is similar to -k option except that it removes the user’s timestamp or cached credentials completely. Not all security policies support credential caching.
sudo command vs su command
Both sudo and su command are used to access the privileges of other accounts, including the root. su command is used to switch the user account whereas sudo command is used to run the command as the root user or a different user. Generally, with su command, you will need the password of the target user. But, sudo asks for the password of the current user.
For more details on su command, please read 9 su command examples in Linux [Cheat Sheet]
Conclusion
In this tutorial, we discussed the usages and the most common examples of sudo command in Linux. We hope you have learned how to use sudo command and execute the commands as another user with sudo privileges. If you still have any confusion, do let us know in the comment section.
What’s Next
Further Reading
Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud
If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.
For any other feedbacks or questions you can either use the comments section or contact me form.
Thank You for your support!!
sudo command in Linux with examples
The sudo command in Linux is one of the most important and widely used commands for managing system permissions. It allows you to run a command as the superuser, giving you elevated privileges that are necessary for performing administrative tasks on the system.
This article is a follow-up to the previous 90 Linux Commands frequently used by Linux Sysadmins post. As time allows, I will publish articles on the 90 commands geared toward Linux sysadmins and Linux power users.
sudo Command in Linux
Image source: wallbase.cc.
The sudo command in Linux is used to execute a command with administrative privileges, also known as superuser or root access. The root user has complete control over the system and can perform any action, including modifying system files, installing software, and modifying system settings.
By default, most Linux distributions do not allow regular users to run commands as the root user. Instead, they must use the sudo command to temporarily elevate their privileges to the root level. This helps to prevent accidental damage to the system and to maintain security by allowing users to perform administrative tasks only when necessary.
sudo Command Examples
The most basic usage of the sudo command is to run a command as the superuser.
To run a command as the superuser, use the following:
If you need to edit a file as the superuser, you can use the —edit option with the sudo command.
To edit a file as the superuser with your default editor, use the following:
In some cases, you may need to run a command as another user or group. To do this, you can use the —user and —group options with the sudo command:
sudo --user=user --group=group id -a
To repeat the last command prefixed with sudo (only in bash, zsh, etc.),
For example, if you just ran the following command ls /tmp
You can repeat it with sudo using the following command:
If you need to launch the default shell with superuser privileges, you can use the —login or —shell options with the sudo command.
To launch the default shell with superuser privileges and run login-specific files (.profile, .bash_profile, etc.), use the following:
To launch the default shell with superuser privileges without changing the environment, use the following:
To launch the default shell as the specified user, loading the user’s environment and reading login-specific files (.profile, .bash_profile, etc.), use the following:
To launch ist the allowed (and forbidden) commands for the invoking user, use the following:
Conclusion
The sudo command is a powerful tool that allows you to run commands as the superuser, edit files as the superuser, run commands as another user or group, repeat the last command with sudo, launch the default shell with superuser privileges, and much more.
Whether you are a beginner or an experienced Linux user, the sudo command is an essential tool that you will regularly use in your day-to-day work. By understanding its various options and capabilities, you will be able to use it more effectively and efficiently to manage your system.