Skip to content
geeksforgeeks
  • Tutorials
    • Python
    • Java
    • Data Structures & Algorithms
    • ML & Data Science
    • Interview Corner
    • Programming Languages
    • Web Development
    • CS Subjects
    • DevOps And Linux
    • School Learning
    • Practice Coding Problems
  • Courses
    • DSA to Development
    • Get IBM Certification
    • Newly Launched!
      • Master Django Framework
      • Become AWS Certified
    • For Working Professionals
      • Interview 101: DSA & System Design
      • Data Science Training Program
      • JAVA Backend Development (Live)
      • DevOps Engineering (LIVE)
      • Data Structures & Algorithms in Python
    • For Students
      • Placement Preparation Course
      • Data Science (Live)
      • Data Structure & Algorithm-Self Paced (C++/JAVA)
      • Master Competitive Programming (Live)
      • Full Stack Development with React & Node JS (Live)
    • Full Stack Development
    • Data Science Program
    • All Courses
  • Shell Scripting
  • Kali Linux
  • Ubuntu
  • Red Hat
  • CentOS
  • Docker in Linux
  • Kubernetes in Linux
  • Linux interview question
  • Python
  • R
  • Java
  • C
  • C++
  • JavaScript
  • DSA
Open In App
Next Article:
Run commands as root with sudo
Next article icon

Run commands as root with sudo

Last Updated : 17 Jun, 2021
Comments
Improve
Suggest changes
Like Article
Like
Report

Introduction - 
Linux follows the very tough permission model. A root user can do anything but normal user has no permissions. To run any command, they need to ask for permissions from the superuser. The easy and common way to grant administrative privileges to non-root users is, a user can use su command and temporarily become the root but users must know the root's password. In corporate world this is very dangerous because all the privileges of root are granted to any user, who can do anything. For Example - 

[userA@rhel7 ~]$ su - Password:


It's asking for the password of superuser. 

To overcome above mentioned risk, sudo command comes in trend. It allows a user to run a command as a root or as any other user after providing the user's own password for authentication. These information are defined in the /etc/sudoers file. Before describing "sudo" command I want to talk a bit about visudo 

What is visudo - 
visudo is a command to edit configuration file for sudo command located at /etc/sudoers.You should not edit this file directly with normal editor, always use visudo for safety and security. Editing /etc/sudoers file requires superuser's privileges. 

visudo command cannot allow to edit /etc/sudoers file simultaneously by just locking the file and if someone tries to access the same it will get a message to try later. 

[root@rhel7 ~]# visudo visudo: /etc/sudoers busy, try again later


It also checks the syntax of edits and provide basic sanity checks which are very helpful. If it identifies any error, then visudo won't allow to save the file with edits. 

Set rules in sudoers file - 
A common question arises in everyone's mind, how we define the rules in sudoers file? So, before editing it's better to understand the existing configuration which defines which users can run what software on which machines. Syntax of pre-defined rule is given below - 

root    ALL=(ALL:ALL) ALL

This allows root to run any command anywhere.Meaning of this line is -  

username    hosts=(users:groups)    commands

ALL means, the user can run all commands on all hosts, as all users and groups. So, root has all the privileges to run any command as any user or group. 

Let considered an example and provide ALL power to userA as root.  

userA   ALL=(ALL:ALL)   ALL

If you wish to use command without password then use PASSWD parameter -  

userA    ALL(ALL:ALL)    NOPASSWD:ALL

In below example userA only start, stop and restart the "httpd" service  

userA   ALL=(root)      /usr/bin/systemctl, /usr/sbin/httpd start stop restart

User can check whether the command is working or not. Then follow the below procedure to check -  

[root@rhel7 ~]# su - userA Last login: Thu Sep 13 15:01:18 EDT 2018 on pts/0 [userA@rhel7 ~]$ sudo -u root systemctl stop httpd [sudo] password for userA: [userA@rhel7 ~]$

Note - We can also use vim with visudo.  

export VISUAL=vim; visudo

Using nano with visudo  

export VISUAL=nano; visudo


Assign privileges to a group - 
You can assign similar privileges to multiple users just by making a group them. There is one predefined group is in sudoers file. Members of this group can use sudo to run any commands as any user, including superuser. We can add users to this group. It is normally configured like -  

%wheel  ALL=(ALL)       ALL

Use command to add user in wheel group -  

usermod -aG wheel username


 


Next Article
Run commands as root with sudo

M
Mausami_Inhe
Improve
Article Tags :
  • Linux-Unix

Similar Reads

    Running previous command with sudo
    In the same way, sudo is used to execute any command that requires superuser privileges in Unix-like operating systems. At times, one executes some commands yet forgets to invoke them under sudo. Rather than rewriting all that again, you may use one simple trick: rerun the last command with 'sudo'.
    3 min read
    sudo Command in Linux with Examples
    sudo (Super User DO) command in Linux is generally used as a prefix for some commands that only superusers are allowed to run. If you prefix any command with "sudo", it will run that command with elevated privileges or in other words allow a user with proper permissions to execute a command as anoth
    8 min read
    exit command in Linux with Examples
    The 'exit' command is a fundamental command in Linux used to exit the current shell session. This command is widely used in scripting and command-line operations, allowing users and scripts to terminate a session or a process in a controlled manner. The 'exit' command can take an optional parameter
    2 min read
    usermod command in Linux with Examples
    usermod command or modify user is a command in Linux that is used to change the properties of a user in Linux through the command line. After creating a user we have to sometimes change their attributes like password or login directory etc. so in order to do that we use the Usermod command. The info
    4 min read
    How to Create a new group in Linux | groupadd command
    In the Linux operating system, user management is a crucial aspect of system administration. One of the fundamental tasks is creating and managing user groups. Groups in Linux allow administrators to organize and control user access to various resources and files. The groupadd command is a powerful
    7 min read
geeksforgeeks-footer-logo
Corporate & Communications Address:
A-143, 7th Floor, Sovereign Corporate Tower, Sector- 136, Noida, Uttar Pradesh (201305)
Registered Address:
K 061, Tower K, Gulshan Vivante Apartment, Sector 137, Noida, Gautam Buddh Nagar, Uttar Pradesh, 201305
GFG App on Play Store GFG App on App Store
Advertise with us
  • Company
  • About Us
  • Legal
  • Privacy Policy
  • In Media
  • Contact Us
  • Advertise with us
  • GFG Corporate Solution
  • Placement Training Program
  • Languages
  • Python
  • Java
  • C++
  • PHP
  • GoLang
  • SQL
  • R Language
  • Android Tutorial
  • Tutorials Archive
  • DSA
  • Data Structures
  • Algorithms
  • DSA for Beginners
  • Basic DSA Problems
  • DSA Roadmap
  • Top 100 DSA Interview Problems
  • DSA Roadmap by Sandeep Jain
  • All Cheat Sheets
  • Data Science & ML
  • Data Science With Python
  • Data Science For Beginner
  • Machine Learning
  • ML Maths
  • Data Visualisation
  • Pandas
  • NumPy
  • NLP
  • Deep Learning
  • Web Technologies
  • HTML
  • CSS
  • JavaScript
  • TypeScript
  • ReactJS
  • NextJS
  • Bootstrap
  • Web Design
  • Python Tutorial
  • Python Programming Examples
  • Python Projects
  • Python Tkinter
  • Python Web Scraping
  • OpenCV Tutorial
  • Python Interview Question
  • Django
  • Computer Science
  • Operating Systems
  • Computer Network
  • Database Management System
  • Software Engineering
  • Digital Logic Design
  • Engineering Maths
  • Software Development
  • Software Testing
  • DevOps
  • Git
  • Linux
  • AWS
  • Docker
  • Kubernetes
  • Azure
  • GCP
  • DevOps Roadmap
  • System Design
  • High Level Design
  • Low Level Design
  • UML Diagrams
  • Interview Guide
  • Design Patterns
  • OOAD
  • System Design Bootcamp
  • Interview Questions
  • Inteview Preparation
  • Competitive Programming
  • Top DS or Algo for CP
  • Company-Wise Recruitment Process
  • Company-Wise Preparation
  • Aptitude Preparation
  • Puzzles
  • School Subjects
  • Mathematics
  • Physics
  • Chemistry
  • Biology
  • Social Science
  • English Grammar
  • Commerce
  • World GK
  • GeeksforGeeks Videos
  • DSA
  • Python
  • Java
  • C++
  • Web Development
  • Data Science
  • CS Subjects
@GeeksforGeeks, Sanchhaya Education Private Limited, All rights reserved
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox
Improvement
Suggest Changes
Help us improve. Share your suggestions to enhance the article. Contribute your expertise and make a difference in the GeeksforGeeks portal.
geeksforgeeks-suggest-icon
Create Improvement
Enhance the article with your expertise. Contribute to the GeeksforGeeks community and help create better learning resources for all.
geeksforgeeks-improvement-icon
Suggest Changes
min 4 words, max Words Limit:1000

Thank You!

Your suggestions are valuable to us.

What kind of Experience do you want to share?

Interview Experiences
Admission Experiences
Career Journeys
Work Experiences
Campus Experiences
Competitive Exam Experiences