How to use the sudo Command in Linux

In this guide, we will take you through the basics of using the sudo command within a Linux-based distribution.

How to use the sudo Command in Linux

The sudo command allows any user within the sudo group to run commands as another user. By default, sudo will run as root, but you can specify any user you want. If you plan on using a Linux operating system, you will likely use this command quite a bit.

You will most likely use this command when you run a command requiring root or super user privileges. For example, many user administration commands will need the user to have root privileges to run. In less likely scenarios, you may need to use a different user to run a specific command.

This tutorial covers most of the basics for using the sudo command on a Linux operating system. For example, we cover the syntax, options, and a few use-cases.

Table of Contents

sudo Command Syntax

The sudo command itself is very straightforward and accepts two different parameters. Therefore, it is most likely you will use this command with no additional options applied to it.

sudo [OPTIONS] [COMMAND]
  • [OPTIONS] is where you can specify any additional options you would like to apply to the sudo command.
  • [COMMAND] is the command you wish to run as the superuser or another user.

sudo Command Options

There are quite a few different options that you can apply to the sudo command. However, it is unlikely you will use them in most cases.

  • -B or --bell will ring the bell whenever a password prompt appears.
  • -b or --background will run the given command in the background. If the command is interactive, it will likely fail in background mode. Also, it is not possible to control background processes started by sudo.
  • -k or --reset-timestamp will invalidate the user’s cached credentials. This change will require the user to enter the password when they attempt to use sudo again.

    If you use this option with a command, sudo will ignore the user’s cached credentials and require a password. However, it will not update the user’s cached credentials.
  • -K or --remove-timestamp will remove the user’s cached credentials. It does not work with a command.
  • -l or --list will list the allowed and forbidden commands for the invoking user. You can specify a different user by using the -u option. If a command is specified, a fully qualified path to the command is displayed along with any command line arguments.
  • -n or --non-interactive will prevent any prompt for input from the user. However, in some cases, this may result in an error, such as sudo requiring a password to execute.
  • -g or --group= group will run the command using the specified group as the primary group. You can specify the group ID (GID) or a group name. If you do not specify a user using the -u or --user option, the command will run as the invoking user.
  • -u or --user= user will run the command as the specified user ID or user name.
  • -T or --command-timeout= timeout allows you to terminate the command after the specified time limit.
  • -h or --help displays brief help information for the sudo command.
  • -v or --validate will update the user’s cached credentials. This update will extend the sudo timeout by another 15 minutes by default. It does not work with a command.
  • -- will stop sudo from processing command line arguments.

Below is a brief description of some options you can use. I recommend accessing the help documents within Linux if you require more information.

Using the sudo Command

There are many examples of when you will need to use sudo to perform a specific task. For example, if you need to perform an action that requires administrative privileges, such as changing settings on other users or editing system properties.

You can also use sudo to run Linux commands as another user or group. It is useful if you have specific tasks running under a particular user but do not want to log in separately to the user.

Below are a few examples of how you can use the sudo command to perform different tasks.

Basic Usage

The most likely way you will use the sudo command is without any options. To run the sudo command, enter sudo followed by the command you wish to run as root.

sudo whoami

The output below shows that the user is root when we run whoami with sudo.

dev@pimylifeup:~$ sudo whoami
[sudo] password for dev:
root

Specify User

You can use sudo to run commands as a user that is not root by using the -u or --user= option.

In the example below, we use the --user option to run the sudo command as the pi user. We use whoami to confirm the command runs under the pi user.

sudo --user=pi whoami

As you can see in our output below, the whoami command runs as the pi user.

dev@pimylifeup:~$ sudo --user=pi whoami
[sudo] password for dev:
pi

Specify Group

To use a specific group when using the sudo command, you can use the -g or --group= option followed by the group you wish to use.

sudo --group=pi mkdir example

If you do not specify a user using the -u or --user option, the command will run as the invoking user.

Below is an example of specifying a group to use instead of the regular user’s primary group. By using ls -l, we can see the owner and group of our directory are the invoking user and the group we specified.

dev@pimylifeup:~$ sudo --group=pi mkdir example
[sudo] password for dev:
dev@pimylifeup:~$ ls -l
drwxrwxr-x 2 dev pi  4096 Jul 22 11:41 example

The example below creates a directory using sudo and the mkdir command without any extra options. As expected, the directory is owned by the root user and group.

dev@pimylifeup:~$ sudo mkdir normal
dev@pimylifeup:~$ ls -l
drwxrwxr-x 2 dev  pi   4096 Jul 22 11:41 example
drwxr-xr-x 2 root root 4096 Jul 22 11:42 normal

Extending the Password Timeout

The -v or --validate option will extend the password timeout by another 15 minutes (Depending on the operating system), but you can change this value by editing the sudoers file. You will be prompted to enter the password if the password has expired.

In the example below, we extend the password timeout using the -v option.

sudo -v

sudo su

A popular use of sudo is using it to run the su command. Using the su command allows you to switch users to the root user (default) or a user of your choice. By running the su command with sudo, you do not need to specify the user’s password to swap to it.

To swap to the root user, write the following command into the terminal.

sudo su

After using the sudo su command, you will be the root user or the user you specified. You will remain logged in as the other user until you enter exit into the terminal.

The output below demonstrates logging into the root user and using exit to return to the original user.

dev@pimylifeup:~$ sudo su
root@pimylifeup:/home/dev# exit
exit

Granting sudo Privileges

For a user to use the sudo command, it will need to be granted sudo privileges. By using sudo, a user can perform commands as the root user, so only grant the privileges to users you can trust.

To grant sudo privileges, you will need to add the user to the sudo group on Ubuntu/Debian or the wheel group on CentOS/Fedora. You can configure settings further by editing the sudoers file using visudo, but we will cover this in another tutorial.

Ubuntu or Debian

To add a user to the sudo group on Ubuntu or Debian, you can use the usermod command.

sudo usermod -aG sudo username

To check if the user is now in the sudo group, you can use the id command.

dev@pimylifeup:~$ id -Gn pi
pi sudo

CentOS or Fedora

If you are using CentOS or Fedora, the sudo group name is wheel. You can use the usermod command to add the user to the group.

sudo usermod -aG wheel username

Using the id command, you can confirm that the user is now in the group.

dev@pimylifeup:~$ id -Gn pi
pi wheel

More Help

There are a couple of easy methods that you can use to get more help in regards to the sudo command.

The first method uses the man command that is inbuilt into most Linux operating systems. To load the manual pages for the command, enter man followed by sudo into the terminal.

man sudo

To exit the manual pages, press the q key.

Alternatively, you can use the -h or --help option with the sudo command to display some basic help information.

sudo --help

I hope either of the above options provides you with the information you require.

Conclusion

I hope you now have a good understanding of the sudo command and how you can utilize it on a Linux distribution. It is an extremely useful command for handling tasks that require elevated privileges.

If you are new to Linux, you will want to learn some of the many other commands that you can use. For example, you might want to check on the uptime of your system or change the password of your user. There is plenty to learn about this incredibly versatile operating system.

Please let us know if you notice a mistake or if an important topic is missing from this guide.

Leave a Reply

Your email address will not be published. Required fields are marked *