sudo – execute command as another user

    sudo command
    sudo command

      sudo runs commands with elevated (root) privileges. It’s the standard way to perform administrative tasks without logging in as root.

      Synopsis

      sudo [OPTIONS] COMMAND

      Common Options

      OptionDescription
      -u USERRun as specified user (not root)
      -iLogin shell as target user
      -sRun shell as target user
      -lList allowed commands for user
      -kInvalidate cached credentials
      -vExtend credential timeout
      -EPreserve environment variables

      Examples

      Run command as root

      $ sudo apt update
[sudo] password for greys: 
...

      Edit system file

      $ sudo nano /etc/hosts
$ sudo vim /etc/ssh/sshd_config

      Run as different user

      $ sudo -u postgres psql
$ sudo -u www-data cat /var/www/.htaccess

      Get root shell

      $ sudo -i    # Login shell (loads root's profile)
$ sudo -s    # Shell without login

      List your sudo permissions

      $ sudo -l
User greys may run the following commands:
    (ALL : ALL) ALL

      Reset sudo timeout

      $ sudo -k    # Forget credentials, will prompt again

      Preserve environment

      $ sudo -E command    # Keep $HOME, $PATH, etc.

      Run command in background

      $ sudo nohup long_process &

      Common Patterns

      Edit protected file (safe way)

      $ sudoedit /etc/sudoers    # Uses $EDITOR safely

      Run last command with sudo

      $ apt update
E: Could not open lock file
$ sudo !!    # Runs: sudo apt update

      Chain commands

      $ sudo sh -c 'echo "127.0.0.1 test" >> /etc/hosts'

      Redirect output as root

      # This doesn't work (redirect runs as user):
$ sudo echo "test" > /etc/test.txt    # Permission denied

# This works:
$ echo "test" | sudo tee /etc/test.txt
$ sudo sh -c 'echo "test" > /etc/test.txt'

      Sudoers Configuration

      Edit with visudo (validates syntax):

      $ sudo visudo

      Example entries:

      # User can run all commands
greys ALL=(ALL:ALL) ALL

# User can run specific commands without password
greys ALL=(ALL) NOPASSWD: /usr/bin/apt, /usr/bin/systemctl

# Group can run commands
%admin ALL=(ALL) ALL

      Tips

      • Use visudo: Never edit /etc/sudoers directly
      • Least privilege: Grant only needed commands in sudoers
      • Audit: Sudo logs to /var/log/auth.log or /var/log/secure
      • Timeout: Default 15 minutes before re-prompting
      • NOPASSWD: Use sparingly, security risk

      See Also

      • su — Switch user entirely
      • visudo — Safely edit sudoers
      • whoami — Show current user
      • id — Show user and group IDs

      Tutorials

      Get in Touch

      IT Consultancy

      I'm a principal consultant with Tech Stack Solutions. I help with cloud architectrure, AWS deployments and automated management of Unix/Linux infrastructure. Get in touch!

      Search

      Recommended

      Educative

      Recent Articles

      How to Resize Filesystem With Resize2fs

      How To Resize Filesystem with resize2fs

      Quick note on filesystem resize on a typical …

      Post Thumbnail

      macOS Tahoe

      macOS Tahoe is the upcoming major release of macOS …

      Post Thumbnail

      Centralized Bash history with timestamps

      BASH is my Linux shell of choice (it’s zsh on …

      Post Thumbnail

      Inspect filesystem operations with fs_usage in macOS

      hey Unless you disable SIP, most of DTrace based …

      Post Thumbnail

      How-To: Upgrade Ubuntu 23.04 to 24.10

      I reliased one of my Raspberry Pi systems was …

      Post Thumbnail

      macOS Sequoia 15.0

      Apple keeps shipping public betas of macOS Sequoia …

      Post Thumbnail

      Video: Has This Worked Before?

      Another video on my YouTube channel …