sudo Command in Linux Explained with Examples

Last updated: November 12, 2023 | Subhash Chandra

sudo stands for "superuser do". It allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file.

Why sudo?

  • It provides a secure way for users to run administrative tasks without needing the root password.
  • It's safer than logging in as root because it grants administrative privileges temporarily and logs all commands and failed access attempts.

When you run a command with sudo, you are typically asked to enter the password for your current user account. Upon successful authentication, Linux records a timestamp. This timestamp allows the user to run subsequent sudo commands without re-entering their password for a period of time. By default, this timeout period is 15 minutes. During these 15 minutes, you can run sudo commands without being prompted for your password again.

Note: The user needs to be added sudo (or wheel in some distro) group or the sudoers file, which grants them the ability to execute commands with sudo.

Syntax

The basic syntax of the sudo command in Linux is as follows:

sudo [options] command

Common Options:

  • -u [user]: Run the command as a specified user.
  • -l: List the allowed (and forbidden) commands for the user.
  • -v: Extend the sudo timeout for another 15 minutes.
  • -k: Invalidate the user's cached credentials.

Examples

1. Run a Command as Root

For example, I want to install the samba package. Let me try installing it without sudo.

apt install samba
run command without sudo

The installation didn't start because permission denied. Now let's use the same command with sudo:

sudo apt install samba
with sudo command install package

The above command will run the apt install samba command with root privileges.

Another example of editing files needing root permissions:

sudo vi /etc/hosts

This opens the /etc/hosts file in the nano editor with root privileges.

2. Listing user privileges

Use -l option to know your privileges before attempting a command.

Command:

sudo -l
sudo listing user privileges

This lists what commands the current user can run with sudo.

3. Running a command as a different user

The sudo command can be used to run commands as a different user in Linux.

sudo -u tom /usr/bin/python sample.py

When you execute above entire command, it runs the sample.py script as if user tom was running it. This approach is particularly useful for running scripts or commands that require the specific permissions or environment of a different user.

4. Invoke login shell

Use sudo -i to invoke a login shell. This command will switch to a login shell as the root user.

Command:

sudo -i
sudo invoke login shell

Alternatively, you can run sudo su - which is the same. In both cases, it switches to the login shell and in the root's home directory with the root's environment.

Another example:

sudo -i -u bob echo \$HOME
another example sudo invoke login shell

The backslash (\) before $HOME ensures that the variable is interpreted in the target user's shell, not the shell of the user running sudo. This command will print the home directory of the specified user, as defined in their environment.

Use case example:

sudo -u www-data bash -i -c "env"

Here you can effectively "log in" as www-data and run commands as if you were in a standard shell session for that user, even though their default shell is set to nologin.

5. Run multiple commands in a single line

There are few ways to run multiple commands with sudo in a single line.

Syntax:

sudo sh -c 'command1 && command2' 
###This executes command1 and then command2 if command1 succeeds.
sudo -- sh -c 'command1; command2' 
###command2 is executed regardless of whether command1 succeeds or fails.

Examples

Run date and ls command:

sudo --sh -c 'date; ls'

Instead of running the update and upgrade separately, can combine them:

sudo -- sh -c 'apt update && sudo apt -y upgrade'

Related Read: Difference Between Sudo and Su in Linux – Which Command to Use?

sudo with redirection Issue

When using sudo with redirection or pipes, the command before the redirection or pipe runs with elevated privileges, but the redirection itself does not.

A command like sudo echo "Steve" > /root/users.txt would fail with a permission denied error. Here echo "Steve" runs with root privileges, but > /root/users.txt is attempted with the user's privileges, which typically do not include write access to /root.

Fix: Use sudo sh -c

This starts a new shell as the root user, and then run the entire command, including redirection, within that shell.

Command looks:

sudo sh -c 'echo "Steve" > /root/users.txt'
sudo with redirection example
SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment