How to Use the sudo Command in Linux

Introduction

Sudo stands for SuperUser DO and is used to access restricted files and operations. By default, Linux restricts access to certain parts of the system preventing sensitive files from being compromised.

The sudo command temporarily elevates privileges allowing users to complete sensitive tasks without logging in as the root user. In this tutorial, learn how to use the sudo command in Linux with examples.

How to configure allowing users to use the sudo command

To configure a user we first need to log in as the root user.

Step 1: Use the useradd command to add a user to the system:

useradd username

Step 2: Use the passwd command to update the password for the newly created user:

passwd username

The password must be strong enough and confirm the password.

For CentOS 7, by default all users in wheel are given sudo privileges.

Step 3: Use the usermod command to add the newly created user to the wheel group

usermod -aG wheel username

Step 4: Access sudo on the new user

  • Use su to switch to a new user: su username
  • Type sudo before you want to run as superuser: sudo command_to_run
  • The first time you execute the sudo command, you’ll enter the user’s password:

Example: View the directory of user /root:

Displaying elements in the /root user’s directory is inherently only possible for the root user:

sudo ls -la /root

When your user is added to the wheel group, your commands are executed as root.

Above is how to configure for a user to use all the commands corresponding to the root user. In some cases, the administrator only allows the user to use the sudo command to perform a few commands, we have a way to configure it in the visudo configuration file.

To let the user use the sudo command to execute a certain command, we just need to configure the file visudo.

Add poweroff permission for the user:

Add poweroff permission for user2 to use sudo to shutdown in visudo file:

Configure the user to use the sudo command:

Configure the user to use the sudo command to execute some or all commands corresponding to the root user:

Allows user1 to execute multiple commands as root

user1 ALL=(root) /sbin/shutdown, /bin/kill, /etc/init.d/httpd.

Allows user1 to shutdown without having to confirm with a password

user1 localhost= NOPASSWD: /sbin/shutdown.

Allows user1 to execute any command in /usr/bin on machine linux01.

user1 linux01 = /usr/bin/*

Example 

Use sudo to remove or add a user or group

sudo useradd username

sudo userdel username

sudo groupadd anewgrou

sudo groupdel anewgroup

Use sudo to run commands as another user – not just the root user

Most people use sudo to run commands as root, which also allows you to run commands as other users. Just use the -u option with the sudo command and specify the username.

sudo -u username whoami

Use the sudo command to update to new updates:

sudo yum update

Without using sudo when another user is configured the entire command of the root user will not be updated. Example of this problem:

Using sudo to switch to the root user:

sudo -i -u root

When using sudo to switch from the current user to the root user, there is no need to use the root user’s password. This makes the root account more secure.

Fix the corrupted /etc/sudoers file:

The /etc/sudoers file can keep sudo inactive and really mess you up. So there are a few ways around this that don’t involve a lot of work, and the visudo command provides some detail on the issues that need to be fixed.

Problem:

How to fix:

pkxec visudo

In addition, you can also implement a file editor according to your needs:

sudo vim /file

Click here to buy our VPS!

On this page