It also allows a user to run different programs with the root privileges. Sudo is available in most Linux-based operating systems. This article will explain everything about "su" and "sudo" privileges and why it is important for any Linux operating system.
Remember, "su," and "sudo" commands depend on the type of Linux operating system you are using, such as OpenSuSE, Ubuntu, Red Hat, Debian, etc.
What is the "su" Command?
The "su" command is used for switching from one account to another, so users need to provide a password for the system. Here is the simple example of the "su" command:
As you can see in the above image, we have switched the account as a root user using the "su" command and providing the password.
What is the "sudo" Command?
The "sudo" command is used to access your user account with all root privileges. Remember, the root privileges of the "sudo" command are only valid for a brief time. Hence, you can use the sudo privileges once it expires and you need to enter, and you have to enter the password again for regaining root privilege.
Many people believe that "sudo" and "su" are the same commands. However, root privileges can become dangerous, so the "sudo" command offers more secure privileges than "su". Therefore, it is important to understand the use of these commands before implementing them. Here is the example of the sudo command in which we have used the sudo -l command to list any sudo privileges of a user.
A sudo command is used for providing permission to a specific command which you want to execute.
How to Grant the Sudo Privileges
Most of the latest Linux distros, a single-user system, provide the sudo privileges to the user. So a server with various user accounts may exclude the users from the complete user privileges. We recommend you only use the privileges when it is required to perform a task.
Debian and Ubuntu
In the Debian/Ubuntu operating system, a sudo group works to control the sudo users. You can add a user to a sudo group through the below command:
usermod -aG sudo <username>
RedHat and CentOS
In Redhat/CentOS, a wheel group works to control sudo users. So you can add the user to a wheel group through this command:
usermod –aG wheel <username>
In both of the commands, replace the <username> with the username you want to enter. Remember, you have to log in as the administrator, or you can use the su command.
How to Use Visudo and Sudoers Group
In the latest versions of Linux operating systems, you can add users to the sudoers file for granting the privileges. You can do it using the visudo command. Here, the visudo command is used for editing the configuration file.
This command will open /etc/sudoers to make changes in it. You can use the following command for adding the user and grant the complete sudo privileges:
[username] ALL=(ALL:ALL) ALL
Now you can save the file to make changes successful. Below is the breakdown of the provided sudo privileges:
[username] [any-hostname]=([run-as-username]:[run-as-groupname]) [commands-allowed]
Problems with Sudo
- According to the users, sudo is less efficient, and centralized administration requires higher time to build and distribute the sudoers file across a server.
- Sudo opens up a security risk as the local file controls it. Security admin requires to distribute the files correctly. Sudo configuration files are stored so that a local administrator can easily perform modifications.
- Sudo can't link multi-factor authentication as part of a privileged user authorization process.
- Sudo can create compliance-related problems because the auditor does not like the distributed config files as they use a "static trust". Hence, using sudo may result in passing the audits.
Usage of Sudo Privileges
Now we will explain different usage of sudo privileges in Linux.
Basic Sudo Usage
Open the terminal from the search menu. In the terminal, execute the following command:
After executing the command, you will get an error message because the system requires permission to start the procedure.
Now try to execute the following command:
sudo apt-get update
After executing the command, the system will ask you to provide a password to begin the system update procedure.
Run Command as the Different User
If you want to run the command as another user, then open the terminal and execute the following command:
After executing the above command, the terminal will show your username, execute the below command to display a different name:
sudo –u [different_username] whoami
Once you execute the command, the system will ask you about the password, enter your password to proceed.
Switch to a Root User
The below command works to switch the command prompt to a bash shell as the root user:
After executing the above command, the command line will get changed to:
Execute Old Commands with sudo
Linux always records the previously executed commands in the command line, and you can access these commands by pressing the up arrow button on your keyboard. You can use the below command to repeat the last command:
As you can see in the above image, we have executed sudo apt-get update; then we use sudo !! to repeat the previous command.
Use Different Commands in One Line
You can easily run multiple commands together using the following command with sudo:
sudo ls; whoami; hostname
As you can see in the image below, we get multiple outputs using a single command line.
Add a String of Text to a File
You can add a string of text to a specific file and add the name of the software repository to a source file without opening it. Use the following command for it:
echo ‘string-of-text’ | sudo tee –a [path_to_file]
Here you can see the example in the image:
Those were the complete details on the "su" and "sudo" privileges and why they are useful for a Linux user. sudo and su are both different commands as they offer different types of privileges to a user. In our opinion, sudo is more reliable than su, so you can use sudo for completing your daily tasks.
On the other hand, we have covered different usage of sudo privileges to help you understand its importance for the Linux operating system. It is better to use sudo if you are performing any specific task which requires administrative permissions.