What is sudo file in linux

sudo command in Linux with Examples

sudo (Super User DO) command in Linux is generally used as a prefix for some commands that only superusers are allowed to run. If you prefix any command with “sudo”, it will run that command with elevated privileges or in other words allow a user with proper permissions to execute a command as another user, such as the superuser. This is the equivalent of the “run as administrator” option in Windows. The option of sudo lets us have multiple administrators.

These users who can use the sudo command need to have an entry in the sudoers file located at “/etc/sudoers”. Remember that to edit or view the sudoers file you have to use the sudo command. To edit the sudoers file it is recommended to use the “visudo” command.

By default, sudo requires that users authenticate themselves with a password that is the user’s password, not the root password itself.

The syntax for `sudo` command:

sudo -V | -h | -l | -v | -k | -K | -s | [ -H ] [-P ] [-S ] [ -b ] | [ -p prompt ] [ -c class|- ] [ -a auth_type ] [-r role ] [-t type ] [ -u username|#uid ] command

Options Available in the `sudo` command

sudo -b [command]

(replace “command” with the command you want run in the background)

sudo -p "Enter your password" [command]

(replace “command” with the command you want run in the background)

sudo -n [command]

(replace “command” with the command you want run in the background)

sudo -u [user] [command]

(replace “command” with the command you want run in the background)

sudo -s [command]

(replace “command” with the command you want run in the background)

sudo -H [command]

(replace “command” with the command you want run in the background)

sudo -S [command]

(replace “command” with the command you want run in the background)

sudo -a [auth-type] [command]

(replace “command” with the command you want run in the background)

sudo -- [command]

(replace “command” with the command you want run in the background)

The output of few commands

1. -V: The -V (version) option causes sudo to print the version number and exit. If the invoking user is already root, the -V option will print out a list of the defaults sudo was compiled with.

2. -l: The -l (list) option will print out the commands allowed (and forbidden) the user on the current host.

3. -h or –help: The -h (help) option causes sudo to print a usage message and exit.

Environment Variables

These environment variables are used by sudo

Frequently asked Questions about `sudo` command

1) What is `sudo` in Linux?

Sudo is a command in Linux that allows users to run commands with privileges that only root user have. It helps users to do tasks with administrative power without logging in as the root user, though sometimes it can be risky.

2) Which Linux commands need `sudo` privileges?

There are many Linux commands that are needed to execute with sudo privileges such as networking commands, package management commands and system level commands. For example, commands that require sudo privileges to run are `yum`, `systemctl`, `mount`, `apt-get`, `fdisk` and `ifconfig`.

3) What can I run with sudo?

• Installing a new package: `sudo apt-get install package_name`
• Updating the system: `sudo apt-get update && sudo apt-get upgrade`
• Modifying system configurations: `sudo nano /etc/fstab`
• Starting a system service: `sudo systemctl start service_name`
• Stopping a system service: `sudo systemctl stop service_name`
• Creating a new user account: `sudo useradd username`
• Changing file permissions: `sudo chmod 755 file_name`

4) What is difference between su and sudo command in Linux?

In Linux, the su (switch user) command enables users to log in as another user, often the root user, and access their files and settings. In contrast, the sudo command enables users to run certain commands with increased privileges without logging in as the root user. Sudo is a more secure method of granting temporary root privileges to users.

5) How do I give and take user sudo access in Linux?

In Linux we can give or take `sudo` access by adding or removing the username from the file called `sudores`. To add username to the sudoers we need to run `sudo visudo` command and edit the file and add the line that will give access to user. For example: “username ALL=(ALL:ALL) ALL” gives the user complete access to the sudo command.

And We can disable a user’s sudo access by using the same command “sudo visudo” which will be used to edit the sudoers file and remove the line that gives them sudo access. Once the line is deleted, the user will no longer be able to use the sudo command to execute privileged commands.

Источник

How to Use the sudo Command in Linux

Sudo stands for SuperUser DO and is used to access restricted files and operations. By default, Linux restricts access to certain parts of the system preventing sensitive files from being compromised.

The sudo command temporarily elevates privileges allowing users to complete sensitive tasks without logging in as the root user. In this tutorial, learn how to use the sudo command in Linux with examples.

• A system running Linux
• Access to a command line/terminal window (Activities > Search > Terminal)
• A user account with sudo or root privileges

How to use the sudo Command

sudo was developed as a way to temporarily grant a user administrative rights. To make it work, use sudo before a restricted command. The system will prompt for your password. Once provided, the system runs the command.

Syntax

To start using sudo , use the following syntax:

When the sudo command is used, a timestamp is entered in the system logs. The user can run commands with elevated privileges for a short time (default 15 minutes). If a non-sudo user tries to use the sudo command, it is logged as a security event.

Options

sudo can be used with additional options:

• -h – help; displays syntax and command options
• -V – version; displays the current version of the sudo application
• -v – validate; refresh the time limit on sudo without running a command
• -l – list; lists the user’s privileges, or checks a specific command
• -k – kill; end the current sudo privileges

Additional options can be found under the -h option.

Note: Staying logged in as an administrator compromises security. In the past, admins would use su (substitute user) to temporarily switch to an administrator account. However, the su command requires a second user account and password, which isn’t always feasible.

Granting sudo Privileges

For most modern Linux distributions, a user must be in the sudo, sudoers, or wheel group to use the sudo command. By default, a single-user system grants sudo privileges to its user. A system or server with multiple user accounts may exclude some users from sudo privileges.

We recommend to only grant privileges that are absolutely necessary for the user to perform daily tasks.

The following sections explain how to add a user to the sudoers group.

RedHat and CentOS

In Redhat/CentOS, the wheel group controls sudo users. Add a user to the wheel group with the following command:

usermod -aG wheel [username]

Replace [username] with an actual username. You may need to log in as an administrator or use the su command.

Debian and Ubuntu

In Debian/Ubuntu, the sudo group controls sudo users. Add a user to the sudo group with the following command:

Replace [username] with an actual username. You may need to log in as an administrator or use the su command.

Using visudo and the sudoers Group

In some modern versions of Linux, users are added to the sudoers file to grant privileges. This is done using the visudo command.

1. Use the visudo command to edit the configuration file:

2. This will open /etc/sudoers for editing. To add a user and grant full sudo privileges, add the following line:

Here’s a breakdown of the granted sudo privileges:

[username] [any-hostname]=([run-as-username]:[run-as-groupname]) [commands-allowed]

Note: It’s easier to simply add a user to the sudo or wheel group to grant sudo privileges. If you need to edit the configuration file, only do so using visudo. The visudo application prevents glitches, bugs, and misconfigurations that could break your operating system.

Examples of sudo in Linux

Basic Sudo Usage

1. Open a terminal window, and try the following command:

2. You should see an error message. You do not have the necessary permissions to run the command.

3. Try the same command with sudo :

4. Type your password when prompted. The system executes the command and updates the repositories.

Run Command as a Different User

1. To run a command as a different user, in the terminal, enter the following command:

2. The system should display your username. Next, run the following command:

sudo -u [different_username] whoami

3. Enter the password for [different_username] , and the whoami command will run and display the different user.

Switch to Root User

This command switches your command prompt to the BASH shell as a root user:

Your command line should change to:

The hostname value will be the network name of this system. The username will be the current logged-in username.

Execute Previous Commands with sudo

The Linux command line keeps a record of previously executed commands. These records can be accessed by pressing the up arrow. To repeat the last command with elevated privileges, use:

This also works with older commands. Specify the historical number as follows:

This example repeats the 6th entry in history with the sudo command.

To learn about how to efficiently use history command, check out our article on sudo history command with examples.

Run Multiple Commands in One Line

String multiple commands together, separated by a semicolon:

Add a String of Text to an Existing File

Adding a string of text to a file is often used to add the name of a software repository to the sources file, without opening the file for editing. Use the following syntax with echo, sudo and tee command:

echo ‘string-of-text’ | sudo tee -a [path_to_file]

echo "deb http://nginx.org/packages/debian `lsb_release -cs` nginx" \ | sudo tee /etc/apt/sources.list.d/nginx.list

Note: This would add the Nginx software repositories to your system.

You should now understand the sudo command, and how to use it. Next, learn the difference between the sudo and su command.

Источник