In this tutorial, we’ll discuss the sudo command in Linux and various options available with it.
Additionally, we’ll see how sudo is different from su and when we should use it.
Providing root access to all users is not a good practice. Nonetheless, normal users might need to execute some commands as superuser occasionally. This is where the sudo (Super User DO) access comes into the picture. The sudo command provides an efficient way to grant users the special rights to execute commands at the system (root) level. With sudo, we’ll be able to execute administrative tasks without switching users.
In most Linux distributions, the sudo package is installed by default.
To use sudo, let’s just type sudo and press enter.
If sudo is installed, the sudo package usage details will be displayed. If it’s not, a “command not found” message will be displayed.
Now, let’s see how to install sudo in various Linux distributions if it’s not installed already.
If we’re using the apt package manager, we’d type:
$ apt install sudo
Or, if we’re using yum:
$ yum install sudo
4. Granting sudo Access
We’ll need to grant sudo access to a user to make him a “sudoer”. User and group sudo privileges are defined in the /etc/sudoers file. We can either add the user directly to this file or add the user to the sudo group.
For demonstrating sudo privileges, we’re assuming that the user “baeldung” already exists.
4.1. Adding a User to the sudoers File
To add the user to the /etc/sudoers files, we’ll be using the visudo editor:
Let’s add a user to the file by inserting:
baeldung ALL=(ALL) NOPASSWD:ALL
With this configuration, the password will not be required when using sudo, and the user will be granted all sudo privileges.
We can also restrict the no-password setting to specific privileges like creating or deleting a directory. For this, we can add the statement:
baeldung ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir
4.2. Adding a User to the sudo Group
The sudo group is a group of users with access to the root account. This is similar to the Windows administrator group. Let’s add our “baeldung” user to the sudo group:
$ usermod -aG sudo baeldung
We’ll need to be root user or a user with sudo privileges to run the previous command.
4.3. Validating sudo Privilege of a User
To check if our user has been granted sudo privilege, let’s login as “baeldung” and then execute the command whoami:
If the user is successfully granted the sudo privilege, the command will print “root“. Otherwise, the command will print the username “baeldung“.
5. Using sudo
We can execute a command with the sudo privileges simply with:
$ sudo COMMAND
We can also include options to customize the behavior of the sudo command:
$ sudo OPTION.. COMMAND
Let’s now see a few examples using the sudo command.
We can change the password of the user “sammy“:
$ sudo passwd sammy
Or we can use sudo to restart the system immediately:
$ sudo shutdown -r now
We can use the -k option with sudo to kill the current sudo authentication:
$ sudo -k
Now, the next time we issue the sudo command, the system will prompt for our password.
If we want to know the version of the sudo command version, we can use the -V option. This will print the sudo version number and exit.
$ sudo -V
Now, if we want to run the sudo command in the background without any user interaction, we can use the -b option.
$ sudo -b
When we run a command using the -b option, we cannot use shell job control to manipulate that process.
We can use the -h option to get help about the sudo command and its available options:
$ sudo -h
This will print all the available options of the sudo command, with a short description of each option.
5.2. sudo Return Values
When a command or program executes with sudo successfully, sudo will exit with a value of 0 (zero) and we’ll get the expected results from the command.
On the other hand, sudo will finish with an exit value of 1 (one) if an error or permissions problem occurs.
6. sudo vs su Command
The sudo command lets us use our account and password to execute system commands with root privileges, whereas the su command allows us to switch to a different user and execute one or more commands in the shell without logging out from our current session.
If we want to execute a few commands with the root privileges, we should use sudo. To completely switch to another user or switch to root for a longer session, we may want to use su instead.
To summarize, we discussed the sudo command in Linux. We demonstrated how to use it and presented some common usage examples. Finally, we compared the sudo and su commands and explained when we might choose one over the other.