When I started learning the Linux command line, I found myself memorizing commands for specific scenarios. Even if it wasn’t the best command for the job, I had my way of doing things, and that worked for me. When I started working in a more professional environment around people with years of experience and knowledge, I found that just because I could use a command didn’t mean I understood the command. Sometimes, just knowing how it’s not good enough. It helps to understand what is happening behind the scenes and why it uses specific arguments, flags, and objects. The sudo command is one I didn’t use often before. This choice is unthinkable now, and honestly, it makes me laugh at myself for assuming I knew what I was doing. I will explain this later; For now, let’s take a look at what the sudo command is, why it’s important, and how to set it up.
What is sudo?
You know those TV crime scenes where a plainclothes detective approaches and the uniformed officer prevents them from entering the area until they show their badge? We’ve all seen this drama unfold over the years, from the yellow ribbon to the torrential rain to the clichéd trench coats, but what happens next? The uniformed officer takes a look, realizes that this person belongs to the scene, and lets them pass. Sudo is your badge. It’s your “golden ticket,” your security clearance, and your permission to do whatever you want. Metaphor aside, sweat is your elevated privilege.
Sudo stands for “superuser do” and is the master key for your high-privilege administration tasks. Have you ever tried to edit a configuration file only to receive “Permission denied”? (The /etc/hosts file comes to mind.) If so, it was because your user account did not have access to that file. You need root or sudoer access. Previously, when I was doing things “my way”, I used to always use the su command (switch users) and logged in as root for these tasks. While this method works, it is not the best way to perform the necessary task in most cases.
Think about this: you need to root to edit a file, but forget to go back to your user account afterwards. At this point, a simple command-line error could cost you dearly as an administrator. I saw a colleague blow up the root directory of a back-end storage server for New York State because of this simple oversight. Fortunately, the data and his career were recoverable!
[ Free Download: Linux Advanced Command Cheat Sheet. ]
So how do I use sudo?
Simply preface of the desired command with sudo. Next, you will be asked for a password (you must enter your user account password, not the root one). For example, if you want to edit an important configuration file, you can use vi /etc/sudoers
:
However, when you do, you will encounter the error “Permission denied” or an equivalent
:
Now, try the same command preceded with sudo:
You will be asked for the password of your user account. After entering a correct credential, you will be granted read/write access to the file:
Now that you know how to use this command, let’s see how to configure the sudoers file
.
Become a superuser
The sudo privilege is granted on a per-user or per-group basis. To ensure that your account has this privilege, it must be added to the sudoers file. The file is located in /etc/sudoers and requires root permissions. To become a superuser, enter the following at the bottom of the file:
username ALL=(ALL) ALL //gives user “username” sudo access %wheel ALL=(ALL) ALL //Gives sudo access to all users belonging to the wheel
sudo group Doing this will give your user account all root privileges, So use them wisely.
Options and conclusions
Now that you understand the basic command and how to add your user account to the superuser configuration file, you’re probably ready to look for options and flags. There’s too much information on the manual pages to cover here, so I’ll simply leave a link so you can review the information for yourself.
Remember that sudo is the preferred way to use elevated privileges to perform a task safely. This tool is easy to use and set up, and doesn’t leave you exposed in a high-privilege account. Sometimes, there really is a better way.
Want to try Red Hat Enterprise Linux? Download it now for free.