sudo Command Cheatsheet
The sudo (superuser do) command allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. It is the primary tool for privilege escalation in modern Linux systems.
Common Usage and Options
| Command | Description |
|---|---|
sudo [COMMAND] | Executes a command with superuser privileges. You will be prompted for your password. |
sudo -i | Starts an interactive login shell as the root user. This is similar to `su -`, but uses your own password. |
sudo -l | Lists the commands you are allowed to run with `sudo`. This is a useful way to check your privileges. |
sudo -u [USER] [COMMAND] | Executes a command as a specified user instead of the superuser. |
sudo -k | Kills your current `sudo` authentication session. This forces a password prompt on the next `sudo` command. |
The sudoers File
The behavior of the sudo command is controlled by a configuration file, typically located at /etc/sudoers. This file defines which users can run which commands. **It is critical to never edit this file directly**; instead, you should use the visudo command, which validates the syntax before saving to prevent system-wide issues.
# Command to safely edit the sudoers file
sudo visudosudo vs su
While both commands are used for privilege escalation, their mechanisms differ:
- **
sudo**: Executes a single command with elevated privileges using the **user's own password**. It's considered more secure because it doesn't require sharing the root password. - **
su**: Switches to another user account (typically root), requiring the **other user's password**. It starts a new shell session.