Kahibaro
Discord Login Register

2.4.5 Using sudo

Why `sudo` Exists

On most Linux systems, everyday work is done as an unprivileged user. Some tasks (installing software, changing system config, managing users, etc.) require root (administrator) privileges.

sudo (“superuser do”) lets you run just one command (or a small set of commands) with elevated privileges, instead of logging in as root.

Key ideas specific to sudo:

Basic `sudo` Usage

Running a single command as root

To run a command as root:

bash
sudo command [arguments]

Examples:

bash
sudo apt update
sudo rm /etc/some-config
sudo systemctl restart ssh

Only the command after sudo runs with elevated privileges; your shell session remains your normal user.

The `sudo` password prompt

When you run sudo:

You can force sudo to ask again by clearing the timestamp:

bash
sudo -k

After this, the next sudo will ask for your password again.

Common `sudo` Options

You will most often see:

Example:

bash
sudo -l

This shows the sudo rules that apply to your user.

Editing Files with `sudo`

Avoid common traps with text editors

If you try to edit a system file like:

bash
nano /etc/hosts

you will likely get a “permission denied” error. You need sudo:

bash
sudo nano /etc/hosts

This runs nano itself with elevated privileges, so it can save the file.

Do not do:

bash
nano /etc/hosts
# edit...
sudo cp /tmp/something /etc/hosts

or similar “workarounds” without understanding permissions, because you can easily break ownership or permissions on important files.

Using `sudo` with graphical editors

Graphical editors can be trickier. On desktop systems, you may see helpers like pkexec or dedicated “Edit as Administrator” options. How this works is distribution/desktop-specific, so follow your distro’s documentation rather than inventing workarounds.

For now, as a beginner, prefer:

Running a Shell or Command as Another User

While sudo is most often used to run commands as root, it can run things as another user too.

Running as a different user

bash
sudo -u username command

Example: run a command as user www-data:

bash
sudo -u www-data whoami

This prints www-data.

If you omit -u, it defaults to root.

Starting a root shell

Sometimes you want an interactive root shell (use sparingly):

bash
sudo -i

Another variant:

bash
sudo -s

Be very careful inside a root shell. Every command has full power over the system.

Good Practices and Safety with `sudo`

Minimize `sudo` usage

Check commands before pressing Enter

Because sudo gives a command high privileges, double-check:

It’s easy to cause irreversible damage as root.

Avoid `sudo` in dangerous combinations

Some examples to be careful with:

If you’re not sure what a command does, don’t add sudo “just to make it work.” Understand the command first.

Environment and `sudo`

When you use sudo, the environment (PATH, variables, etc.) may change.

Typical differences:

If a command works as your user but not with sudo (or vice versa), it may be because:

You can inspect the environment root gets by running:

bash
sudo env

For beginners, don’t try to “fix” this by using insecure options (sudo -E or complex sudoers tweaks) unless you understand the risks.

`sudo` and Logs

Most systems log sudo usage, for example in /var/log/auth.log or via journalctl. This lets administrators see:

This logging is one motivation for using sudo instead of directly logging in as root.

Very Brief Look at `sudo` Configuration

The detailed configuration of who can run what with sudo is controlled by the sudoers system (the sudoers file and potentially included files).

At a beginner level, you mainly need to know:

You’ll encounter sudoers and more advanced configuration in later, more advanced chapters.

Views: 72

Comments

Please login to add a comment.

Don't have an account? Register now!