Sudo
sudo (a portmanteau of "substitute user do" or "superuser do") is a command in Unix-like operating systems, including Linux. It allows a permitted user to execute a command as another user, as specified by a security policy. The default and most common use is to run commands as the superuser.
sudo provides a mechanism for granting specific users (or groups of users) administrative privileges for specific commands, without requiring them to know the root password or log in as the root user directly. This enhances security and accountability.
Contents
Overview and Purpose
Many administrative tasks on a Linux system (like installing software, modifying system files, managing services) require root privileges. Running a command with `sudo` temporarily grants the user the necessary permissions to perform that specific action.
Key purposes of `sudo` include:
- **Elevating Privileges:** Running commands that require permissions beyond those of the user's normal account.
- **Granular Control:** Administrators can configure exactly which users can run which commands, on which hosts, and as which target user (though running as root is most common).
- **Accountability:** sudo logs the commands executed by users, providing a record of administrative actions.
- **Enhanced Security:** Reduces the need to share the root password or work continuously logged in as root, minimizing the risk of accidental system damage or unauthorized persistent access.
Basic Usage
The basic syntax for using the `sudo` command is straightforward:
sudo command_to_run
When you execute a command with `sudo` for the first time in a session (or after a configurable timeout, usually 15 minutes), you will be prompted to enter *your own user account's password*.
user@hostname:~$ sudo apt update [sudo] password for user: ... (command output)
If your user is listed in the sudoers configuration and you enter the correct password, the `command_to_run` will be executed with the privileges of the target user (by default, root). Subsequent `sudo` commands within the timeout period may not require the password again.
How it Works
When a user runs a command prefixed with `sudo`, the `sudo` program performs several checks:
1. It checks the user's authentication (typically by asking for their password). 2. It reads its configuration file, primarily `/etc/sudoers`. 3. It verifies if the user executing `sudo` is listed in the `/etc/sudoers` file and is permitted to run the specified `command_to_run`. 4. It checks if the user is allowed to run the command as the requested target user (defaulting to root). 5. If all checks pass, `sudo` executes the `command_to_run` with the effective user ID and group IDs of the target user. 6. The execution of the command is typically logged.
Configuration (`/etc/sudoers`)
The behavior of `sudo` is controlled by the `/etc/sudoers` file. This file specifies which users or groups can run which commands, from which terminals, etc.
CRITICAL WARNING: Modifying the `/etc/sudoers` file incorrectly can result in syntax errors that may prevent *any* user (including potentially root, depending on the system configuration) from using `sudo`, effectively locking out administrative access. Therefore, this file should **only** be edited using the `visudo` command. `visudo` opens the sudoers file in a text editor and performs a syntax check before saving changes.
Basic syntax in `/etc/sudoers`:
User privilege specification
username ALL=(ALL:ALL) ALL
Group privilege specification
%groupname ALL=(ALL:ALL) ALL
- `username` or `%groupname`: Specifies the user or group. `%` prefix indicates a group.
- The first `ALL`: Specifies the hosts from which the command can be run (ALL means any host).
- `(ALL:ALL)`: Specifies the users (first ALL) and groups (second ALL) that the command can be run as. `(ALL:ALL)` means the user can run the command as any user or any group. `(root)` means only as root.
- The last `ALL`: Specifies the command(s) that the user is allowed to run. `ALL` means any command. You can specify specific command paths (e.g., `/usr/bin/apt`).
A common entry allowing a user administrative privileges without a password is:
username ALL=(ALL:ALL) NOPASSWD: ALL
Security Benefits
Using `sudo` is a cornerstone of secure system administration on Linux for several reasons:
- **Principle of Least Privilege:** Users are not permanently logged in with maximum privileges. They elevate privileges only for specific commands when needed.
- **Reduced Error Surface:** Running most commands as a regular user reduces the risk of accidentally modifying or deleting critical system files.
- **No Root Password Sharing:** Different administrators can have their own user accounts with `sudo` access, eliminating the need to share a single root password. If an administrator leaves, their `sudo` access can be revoked without changing the root password.
- **Logging:** A log of which user executed which command with `sudo` is typically maintained, providing an audit trail for security monitoring and troubleshooting.
Related Commands
- `su` (substitute user): Another command used to run commands as another user. By default, `su` without a username switches to the root user and typically prompts for the *target user's* password (i.e., the root password). `su -` starts a new login shell as the target user, inheriting their environment. `sudo` is generally preferred for day-to-day administration due to its logging and fine-grained configuration.
