Sudo; at some point or another while browsing the web in relation to GNU/Linux, I’m sure those of you who are new to this world would have come across this word/command.
If you’ve followed any number of tutorials scattered across the web, good chance you have used sudo before. But, what is sudo? In short, sudo is, “Super user do,” which grants the non-privileged user the ability to perform tasks that only an administrator / root, can do.
You’ve probably already encountered the use of sudo even if you haven’t popped open a terminal window, for that matter. Or even if you have NEVER USED GNU/LINUX before, I bet you’ve used sudo (or something very similar at least) even on Windows or Mac!
If you’re using Windows from Vista onward, you no doubt at least once have encountered Windows UAC (User Account Control), which albeit is NOT the sudo command and does things a little differently; for simplicity sake we could say that it’s similar enough.
GNU/Linux users who try to do something that requires administrative privileges will also encounter a pop up box asking for their password just the same, which is usually done via gksudo/kdesudo or other graphical wrappers; in simple terms they are sudo being done graphically rather than through a terminal.
Yes, gksudo/kdesudo runs a little bit deeper than that, but granted that this article is aimed at beginners, we won’t delve into the deeper aspects of gksudo/kdesudo etc VS sudo.
Mac users also experience something similar when they try to perform administrative tasks, being required to enter their password via MacOS’s own system that runs on a similar functionality to Windows UAC. Again, not quite sudo, but very similar in functionality.
Using sudo is literally just as simple as prefacing nearly any command with it.
Such as typing: sudo nano /etc/nginx/nginx.conf
This command will open the specified file with the nano text editor, with raised privileges.
Editing files, pasting files, moving files, saving files, or anything short of simply viewing files as read-only, when touching files stored in root only locations, will require either the use of sudo or being superuser (su).
There are multiple reasons why it’s preferred that users use sudo, rather than logging in as root via the su command; primarily for safety and security.
When you log into your command line as su, you remain as su until you either lower your privileges, or close the command line. Sure, this enables the lazy user to have to type less by not needing to preface your commands with sudo anymore, however, this also opens the door to more potential mistakes that could become very costly; one wrong command and you could literally erase your entire hard drive.
Another reason why it’s advised not to log into your system as root, or if you want to go a step above and actually entirely disable the root account, is for security against malicious adversaries. If you have a terminal logged in as root left open on your machine, ANYONE can sit down in front of that machine and have complete administrative access.
A third reason, is because of logging differences. Typically everything you do via the sudo command is logged, on the other hand your system usually only logs the authorization of becoming su. The average user won’t really be reading a lot of these sorts of logs anyway, but for the powerusers out there this can be important.
I won’t be getting into the sudoers file, giving sudo access, limiting sudo access to specific commands etc in this article as that goes a little beyond the beginner knowledge this article was intended for. However, hopefully this gives some new GNU/Linux users a little more comprehension about exactly what sudo is, does, and its usage.
If you like our content, and would like to help, please consider making a contribution: