Ubuntu sudo Command: The Correct Way to Perform Privilege Escalation

Ubuntu常用命令 Ubuntu sudo Command Linux Privilege Escalation Sudo Passwordless Configuration Basic Usage of sudo Ubuntu System Administration 2025-12-19 2 views

1. What is sudo?

In Ubuntu, sudo is an abbreviation for “superuser do”. Its purpose is to allow ordinary users to temporarily gain superuser (root) privileges to execute commands that require administrative rights.

For example: If you try to install software with a regular user account, you’ll get a “permission denied” error when using apt install directly. Using sudo apt install software-name allows you to “borrow” administrative privileges to complete the installation.

2. Why is sudo needed?

Directly using the root account (administrative account) to execute commands seems convenient, but it carries extremely high risks—root access is equivalent to “full control of the system,” and any accidental operation (e.g., deleting files) could crash the system.

sudo is a “secure privilege escalation” tool:
- It only grants temporary access to execute specific commands, which is revoked immediately after use.
- It avoids exposing the root password directly, reducing the risk of accidental mistakes.
- It is suitable for multi-user collaboration scenarios (e.g., when teams share servers, admins can assign partial permissions).

3. Basic sudo Usage

The syntax for sudo is very simple: sudo command.

Example 1: Installing software
Regular users can’t install software. Use sudo to elevate privileges: 

sudo apt install software-name  # Example: Install a text editor: sudo apt install nano

Example 2: Updating the system
System updates require administrative rights: 

sudo apt update   # Update the software source list
sudo apt upgrade  # Upgrade installed software

Example 3: Modifying system configuration files
For example, changing the time zone configuration: 

sudo nano /etc/timezone  # Open the timezone file with the nano editor

4. Common Options: Making sudo More Flexible

Beyond basic usage, sudo has useful options to address different scenarios:

1. Switch to root shell (temporarily run as root)
If you need to execute multiple root commands in a row, use sudo -i to directly enter the root environment (the prompt changes from $ to #): 

sudo -i  # Enter root shell
# Now you can run root commands directly (e.g., apt update, useradd)
exit     # Exit root shell

2. Execute commands as another user
Use sudo -u username command to temporarily run a command as a specific user (e.g., switching to the www-data user to update website files): 

sudo -u www-data ls /var/www/html  # View files in the web server directory

5. Passwordless Configuration: Reduce Repetitive Input

Repeatedly entering passwords with sudo can be tedious. You can configure passwordless sudo (suitable for personal computers or trusted environments):

1. Edit the sudoers file with visudo
The sudoers file controls sudo permissions. Directly editing it is risky, so use visudo for safe syntax checks: 

sudo visudo  # Open the sudoers configuration file

2. Add passwordless rules
Add a line at the end of the file (replace your_username with your actual username): 

your_username ALL=(ALL:ALL) NOPASSWD: ALL

Save and exit (press Ctrl+X in visudo, then Y to confirm).

Note: Passwordless sudo should be used cautiously. Avoid it on public computers or shared environments.

6. Common Issues and Precautions

  1. Forgot sudo password?
    - If the root account exists, switch to root with su - and reset the password: sudo passwd your_username.
    - If root is not enabled, contact the system administrator or use another administrative account.

  2. Command execution fails?
    - Check if the command is correct (e.g., typos).
    - Confirm if sudo is truly necessary (only use it when regular user permissions are insufficient).

  3. Absolutely forbidden operations!
    - Never use sudo rm -rf / (deletes the entire root directory, rendering the system unusable).
    - Avoid sudo apt install --force-yes (may cause dependency conflicts).

7. Summary

sudo is the core tool for privilege escalation in Ubuntu, simplifying “safe system management”:
- Use cases: Installing software, modifying system configurations, updating the system.
- Use options: Temporarily switch to root, execute commands as another user.
- Use rules: Configure passwordless sudo for efficiency, but balance security.

Remember: sudo is a “tool,” not a “privilege”—using it correctly prevents 90% of system issues.

(End)

Related Articles

Ubuntu System Information: Viewing Hardware Configuration with lscpu/lspci 2025-12-19 Ubuntu Newbie Guide: How to Use the cd Command? 2025-12-19 Nanny-Level Tutorial: Detailed Explanation of the ls Command in Ubuntu 2025-12-19 Essential Ubuntu: Using the pwd Command to View Current Directory Path 2025-12-19 Quick Start: Creating Folders with Ubuntu mkdir 2025-12-19
Xiaoye