Introduction
The sudo command was created and developed by Bob Coggeshall and Cliff Spencer at the Department of Computer Science at SUNY/Buffalo about 1980. It was run on a VAX-11/750 with 4.1BSD. In December 1985, an upgraded version ascribed to Phil Betchel, Cliff Spencer, Gretchen Phillips, John LoVerso, and Don Gworek was submitted to the net.sources Usenet newsgroup.
The sudo command is one of the primary and essential commands for any Linux user. The name sudo stands for Super User Do. It lets a user run particular commands in superuser mode. Windows offers the same idea as the “Run As Administrator” option.
By default, Linux restricts the tools and commands that change packages or dependencies. The best example is installing a new tool: users must put the sudo command first. This protects Linux from crashes and other technical problems.
The sudo command acts as a security policy for execution in Linux. The user-id is used to check whether the username can use the sudo command. This command supports a plugin architecture for security policies, auditing, and input/output logging. Third parties can create and distribute plugins that function flawlessly with the sudo command. Still, they must guarantee that the plugin does not include any vulnerabilities that might be exploited to take control of the Linux system.
sudoers file
The default security policy is sudoers, which may be changed using the /etc/sudoers file or LDAP. Every user using this command must be listed in the sudoers file. Remember to use the sudo command to change or see the sudoers file. Users should use the “visudo” command to modify the sudoers file. By default, sudo requires users to authenticate themselves using their own password rather than the root password.
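The sudoers entries described above can be reviewed with a short script that lists who holds a rule and which rules waive the default password prompt. This is an added example, not code from the original article: the function names (sample_sudoers, audit_sudoers, nopasswd_principals) and the sample policy are constructed for illustration, and the reader is simplified (aliases are not expanded, included files are not followed).

```shell
#!/bin/sh
# Added example (not from the article). The sample policy below is constructed.
sample_sudoers() {
cat <<'EOF'
# constructed sample sudoers content
Defaults env_reset
User_Alias ADMINS = alice, bob
root    ALL=(ALL:ALL) ALL
ADMINS  ALL=(ALL) ALL
%backup ALL=(root) NOPASSWD: /usr/bin/rsync, \
        /usr/bin/tar
deploy  ALL=(root) NOPASSWD: ALL
#includedir /etc/sudoers.d
EOF
}

# Reads sudoers text on stdin; prints "<who> <PASSWD|NOPASSWD> <ALLCMDS|LIMITED>"
# per rule. Simplification: aliases are not expanded, includes are not followed.
audit_sudoers() {
    awk '
    { line = buf $0; buf = "" }
    # A trailing backslash continues the rule on the next line.
    line ~ /\\$/ { sub(/\\$/, "", line); buf = line; next }
    line ~ /^[ \t]*$/ { next }
    # "#" starts a comment or an include directive, but "#1000" is a uid.
    line ~ /^[ \t]*#/ && line !~ /^[ \t]*#[0-9]/ { next }
    line ~ /^[ \t]*@include/ { next }
    # Defaults and alias definitions grant nothing by themselves.
    line ~ /^[ \t]*Defaults([ \t:@!>]|$)/ { next }
    line ~ /^[ \t]*(User|Runas|Host|Cmnd|Cmd)_Alias[ \t]/ { next }
    {
        $0 = line; who = $1
        auth = (line ~ /NOPASSWD[ \t]*:/) ? "NOPASSWD" : "PASSWD"
        cmds = line
        sub(/^[^=]*=/, "", cmds)           # drop "who host ="
        gsub(/\([^)]*\)/, "", cmds)        # drop Runas specs such as (root)
        gsub(/[A-Z_]+[ \t]*:/, "", cmds)   # drop tags such as NOPASSWD:
        n = split(cmds, c, ","); scope = "LIMITED"
        for (i = 1; i <= n; i++) {
            gsub(/^[ \t]+|[ \t]+$/, "", c[i])
            if (c[i] == "ALL") scope = "ALLCMDS"
        }
        print who, auth, scope
    }'
}

# Principals whose rules skip the password prompt that sudo applies by default.
nopasswd_principals() { audit_sudoers | awk '$2 == "NOPASSWD" { print $1 }'; }
sample_sudoers | audit_sudoers
```

For the authoritative answer about one account, `sudo -l -U user` asks sudo itself, which also applies aliases and included files.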
Options or parameters
-A, --askpass: It will use a helper program for password prompting.
-b, --background: It will run a command in the background.
-B, --bell: It will make a noise like a bell when prompted.
-C, --close-from=num: It will close all file descriptors >= num.
-D, --chdir=directory: It will change the working directory and run the command.
-E, --preserve-env: It will preserve the user environment during the execution of the command.
--preserve-env=LIST: It will preserve the specific environment variables listed.
-e, --edit: To edit files instead of running a command.
-g, --group=group: To run the command as the specified group name or ID.
-H, --set-home: It will set the HOME variable to the target user’s home directory.
--help: To display a help message and exit.
-h, --host=host: It will run the command on the host (if supported by the plugin).
-i, --login: To run a login shell as the target user.
-K, --remove-timestamp: To delete the timestamp file.
-k, --reset-timestamp: It will invalidate the timestamp file.
-l, --list: List the user’s privileges or check a specific command.
-n, --non-interactive: To activate the non-interactive mode, in which no prompts are used.
-P, --preserve-groups: It will preserve the group vector instead of setting it to the target’s.
-p, --prompt=prompt: To use the specified password prompt.
-R, --chroot=directory: To change the root directory before running the command.
-r, --role=role: It will create an SELinux security context with the specified role.
-S, --stdin: It will read the password from the user’s standard input.
-s, --shell: To run a shell as the target user.
-t, --type=type: It will create an SELinux security context with the specified type.
-T, --command-timeout=timeout: To terminate the command after the specified time limit set by the user.
-U, --other-user=user: In list mode, display privileges for the username or ID.
-u, --user=user: Run the command (or edit the file) as the specified username or ID.
-V, --version: Display version information and exit.
-v, --validate: Update the user’s timestamp without running a command.
--: Stop processing command line arguments.
How to use the command?
Syntax: sudo <command>
Usage
- To install any tool in Linux.
For example, try to install steghide in Parrot Security OS.
where sudo: Gives root permission to install the tool.
apt-get: An Advanced Package Tool (APT) library.
install: A flag indicating that the tool is to be installed.
steghide: A steganography tool.
-y: A flag that tells it to install the tool and its dependencies (if required).
- To change the terminal to root terminal.
where su: su is a command which means Substitute user or switch user. Here, it is changing the normal user to the root user.
Conclusion
The sudo command is one of Linux’s fundamental and essential commands. Blocking root privilege while installing a new Linux distribution helps prevent the system from crashing. It’s good that a user with complete knowledge can modify this command using the sudoers file.