Sudo Command in Linux

In this article, you will learn all there is to the sudo command in Linux-based operating systems. We will go through what the sudo command is, why it is used, a brief history of it, syntax, options, and a few practical examples of the sudo command.

What is sudo command in Linux?

Sudo is the abbreviation for “Super User Do”. It is a command-line-based utility in Linux-based operating systems that enables users to run programs with the security privileges of another user, in other words, the superuser.

Now a question may arise as to what a superuser is? Well, in Linus distributions the root user is called the superuser. Why? Because the root user is virtually almighty! he/she has unrestricted access to all the commands, files directories, and resources. Name it, they own it!

We know that apart from the root user, there can also be other guest users in the operating system, and if these users want to operate something that requires the root user privileges, they can simply use the SUDO command to gain their role for a temporary time to execute that command.

Usage of the SUDO command gives you the authority of the root user, except only once. It is like being a superhuman for a limited time period! To give you a better idea, the superhuman is the exact same thing as “run as administrator” in Windows operating system.

The sudo command lets you have multiple administrators. The users who use the sudo command need to have an entry in the sudoers file, this file is located at “/etc/sudoers”. Therefore, if you have to use the sudo command, you have to have an entry, if you don’t you can simply add it.

If you add the prefix “sudo” to any command, the terminal will run the command with elevated privileges or gives the user the required permissions to execute a command as another user.

History of Linux sudo command

The very first version of sudo was written at the Department of Computer Science at buffalo by Robert Coggeshall and Cliff Spencer in 1980. Later, Robert Coggeshall brought sudo along with him to the university of colorado.

Between the years 1986 and 1993, the features and code were considerably changed. These changes were made by the IT staff of the computer science department at the University of Colorado Boulder. The current version of sudo has been publicly maintained by the OpenBSD developer Todd C Miller.

Syntax of the sudo command

The syntax for the sudo command is very simple:

sudo <command>

The sudo command is simply used as a prefix to the main command that needs elevated privileges to run.

Options used with linux sudo command

Despite sudo only being a prefix for the main command, you can also run the sudo command alone by using a couple of options. Let us take a look at the options available with the standalone use of the sudo command:

1. -l

This option prints the command allowed by the user on the current host.

2. -L

This option lists out the parameters set in a ‘Defaults’ line with a short description for each

3. -v

This option makes sudo update the user’s timestamp, prompting for the user’s password if necessary.

4. -k

This option invalidates the user’s timestamp by setting the time on it to the epoch.

5. -K

This option removes the user’s timestamp completely.

6. -b

This option tells sudo to run the given command in the background.

7. -p

This option allows you to override the default password to prompt and use a custom password.

8. -c

This option runs the specified command with resources limited by the specified login class.

9. -a

This option uses the specified authentication type when validating the user.

10. -u

This option runs the specified command as a user other than the root.

11. -s

This option runs the shell and specifies the ‘shell’ environment variable if it is set.

12. -H

This option sets the ‘home’ environment variable to the ‘home directory’ of the target user as specified in the password.

13. -P

This option preserves the user’s group vector.

14. -h

This option prints the help menu as shown below

15. -t

This option causes the new security context to have the type specified.

16. -S

This option takes the password from STDIN (standard input) instead of the terminal device.

17. –

This flag indicates that sudo should stop [rocessing command line arguments.

18. -r

This option causes the new security context to have the role specified.

19. -V

This option prints information about the version of sudo you are using.

Environment variables used by Linux SUDO

Before we proceed further, let us look at the environment variables that the sudo command uses.

1. PATH

This variable sets to a sane value if SECURE_PATH is set.

2. SHELL

This variable determines the shell to run with the option “-s”.

3. USER

This variable sets to the target user. It uses the root user unless is another user is specified with the option “-u”

4. SUDO_PROMPT

This variable prompts the default password.

5. SUDO_COMMAND

This variable takes the value of the command run by sudo.

6. SUDO_USER

This variable takes the value of the login of the user who invoked sudo

7. SUDO_UID

This variable takes the value of the uid of the user who invoked sudo

8. SUDO_GID

This variable takes the value of the gid of the user who invoked sudo

9. SUDO_PS1

This variable sets PS1 to its value.

Installing sudo

The reason I did not include this, in the beginning, is because sudo already comes preinstalled in all the distributions of Linux. Nonetheless, if you don’t have sudo in your Linux based operating system used the command below with respect to your Linux Distro

Installing sudo on Debian based Linux distros

If you want to download sudo on Debian based operating systems like Ubuntu, kali, MX Linux, Mint, deepen, etc, use the command below:

apt install sudo

Installing sudo on Fedor based Linux distros

If you want to download sudo on Fedora-based operating systems like RHEL, CentOS, Qubes, berry Linux, clearOS, etc, use the command below:

yum install sudo

Design of linux SUDO command

1. after authentication the system requests the claimed command, When the configuration file allows the user access,

2. The sudo command is configured for logging every single command run. This is one such feature of the sudo command’s auditing and security feature.

3. Once, a user shots for invoking the sudo command without being listed inside the configuration file.

4. The entry of a user in the sudoers file would be saved inside the system and the root user would be informed via mail.

Granting sudo privileges

To use the sudo command, a must be in the sudo, wheel, or sudoers group. By default, the system grants the superuser privileges to its user if it has only a single user (not having multiple users). However, If a system has multiple users, it excludes a few of them from having sudo privileges.

Nonetheless, you can always give a particular user sudo privileges by using the commands shown below:

Giving sudo privileges in Debian based Linux distros

To give a particular user elevated permissions in Debian based Linux distributions like Ubuntu, kali, MX Linux, Mint, deepen, etc, use the command:

usermod -aG sudo <username>

Giving sudo privileges in Fedora-based Linux distros

To give a particular user elevated permissions in Debian based Linux distributions like RHEL, CentOS, Qubes, berry Linux, clearOS, etc, use the command:

usermod -aG sudo <username>

Using the sudoer file to grant permissions

The method shown above is one method of granting SUDO privileges to a user, another method is the permanently write it in the sudoers file. To do so, type the command “sudo vi sudo” in the terminal.

The configuration file of sudo opens. If you want to grant sudo privileges to a specific user on your computer, type the following command in the configuration file:

<username> ALL=(ALL:ALL) ALL

After successfully writing the line, press “ctrl” + “X” to save and exit. Now you have successfully given a user SUDO privileges.

SU vs SUDO

Before we proceed further and see the usage of the sudo command let us take a moment to compare another very similar command “SU” with the SUDO command. Why are we comparing? Well, we are doing so because these are the only 2 commands used in Linux to gain momentary access or elevated privileges.

The SUDO command stands for “Super User Do” whereas the SU command stands for “Substitute user” . the most distinguishable difference between the 2 is that the SU command is used on its own or mostly with the substitute username as a parameter.

SUDO on the other hand is a prefix for another command. Sudo is the most loved of the 2, because of its ability to define constraints on whether a user can use sudo and with what command he can use it.

Using the sudo command

Ahh! Finally the practical section! Let us see the different ways oh how the sudo command is used for different purposes.

Basic usage of the sudo command

The traditional usage of sudo id to elevate permissions. For example, if you want to update your system (using the command apt-get update), you will not get be able to do it since you don’t have root permissions and hence need the prefix “SUDO”.

In the above output, I could not update the command since I did not have superuser permissions, however, If I use sudo, I can:

Run command as a different user

I can also run a specific command as another user without actually being the other user! For example, If I run the “whoami” command from mu username, I get the expected output:

Now from my own account, I can use sudo and run the same command as the root user:

Executing the previous command with sudo

We can also execute the previous command in Linux by pairing “!!” with sudo:

Running multiple commands with sudo

We can also run multiple commands at once using sudo. We simply combine the commands with a semicolon (;) ans prefix it with a sudo.

Adding text to an already existing file

To add a string of text to a file that already exists, use the following syntax:

echo ‘text’ | sudo tee -a <file path>

To check if the line has been successfully added or not, you can use the cat command.

Switching to the root user

You can also change to the root user by using the command:

sudo bash

These commands don’t even scratch the surface of the sudo command, in fact, we cannot show its great prowess simply by using commands.

Summary

As you have seen, the sudo command is a really powerful command that gives any user elevated permissions. You have now learned what the sudo command is, a brief history of it, the syntax, options, and environment variables of the sudo command, how to install it, and the design of it.

We have also seen w methods of how to give sudo privileges to a specific user, compared it with the SU command, and seen some important usage of the sudo command.