Jump to content

What is sudo in Linux and why is it so important?


aum

Recommended Posts

Sudo stands for "superuser do" and gives a user access to administrator-like powers. Here's how to use this powerful tool.

 

gettyimages-1443325685.jpg?auto=webp&wid

Getty Images/MirageC

 

Back in the early days of Linux, things were exponentially more complicated. The distributions were far less mature and required a particular system account to get things done. That account was root -- and with it, you had unlimited power over your operating system.

 

To demonstrate the power of the root account, one trick you could always play on unsuspecting users was to tell them to change to the root user with the su command and then have them issue the following command:

 

rm -rf /

 

The rm command is used to delete files and folders. In conjunction with r (recursive) and f (force), you would delete everything from the root folder (/), thus rendering your system unusable.

 

 

Back then, any command that required administrative privileges was run via the root user. To do that, you either had to change to the root user (with the su command) or log in as the root user. Both of these options were eventually considered a security issue. A user could do anything if you logged in as the root user and walked away from your system.

 

Access to the root user meant that if a hacker gained access to your system, they could wreak havoc on the machine.

 

Eventually, it was decided something had to give. Out of that need, sudo was born. Sudo stands for "superuser do" and effectively allows a regular user (one that belongs to the admin group) access to administrator-like powers. This approach solved two problems:

 

  •     The root user could be deactivated (so it couldn't be as easily leveraged)
  •     Only users in the admin group (more on this in a bit) could run administrative tasks

 

Sudo also enabled administrators to add and remove users to or from the sudo group at any time, making it easier to control who has access. This shift was a significant step forward for Linux, which bolstered system security and made life easier for users.

 

With sudo in place, users no longer had to change to the root user or log in to that account to run administrative commands, such as installing software. Users could run those admin activities through sudo with the same effect as if run from the root user account.

 

Sudo offered better control over who could do what on any given system. When attempting to run a command that required admin privileges, a user only had to type their user password (also called their sudo password) and the command would go off without a hitch, so long as it was run properly.

 

For example, instead of having to first change to the root user with su and then issuing the update/upgrade commands on a Ubuntu-based distribution, a user could issue the following command:

 

sudo apt-get update && sudo apt-get upgrade -y

 

By running apt-get through sudo, the user is granted temporary admin privileges and can successfully issue the commands.


What about users not in the admin group?

 

Any user you want to grant access to has to be a member of the admin group for the distribution. For example, on Ubuntu-based distributions, that group is sudo. On Red Hat-based distributions, that group is called wheel.

 

If you have a user who isn't a member of the admin group, when they attempt to run a command with sudo, they'll see something like this:

olivia is not in the sudoers file.  This incident will be reported.

 

How do you fix that issue? You add them to the admin group. So, for an Ubuntu-based distribution, the command to add a user to the admin group would be:

 

sudo usermod -aG sudo USER

 

Here, USER is the username in question.

 

On a Red Hat-based distribution (such as Fedora), the command would be:

 

sudo usermod -aG wheel USER

 

Again, USER is the username in question.

 

After running the command, the user would then either have to log out and log back in, or make the system aware of the changes with the command:

 

newgrp

 

Once a user has been added to the admin group, they can use sudo to run commands that require admin privileges.

 

Sudo has made Linux more secure and user-friendly. No longer having to change to (or log in to) the root user account avoids some serious security pitfalls and allows you to manage user access to admin tasks.

 

Source

Link to comment
Share on other sites


  • Views 685
  • Created
  • Last Reply

Top Posters In This Topic

  • aum

    1

Popular Days

Top Posters In This Topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...