Q&A on sudo and su

Q1. What is the difference between the commands - sudo and su ?

Ans. sudo is used to run a particular command with root permissions (prompts for current user’s password)

su is used to switch to any user account (prompts for password corresponding to the switched user)

Q2. What if I do not want to configure root password but still want to switch to root user ?

Ans. Try out ‘sudo su’ command

$ sudo su

[sudo] password for mylinuxbook:

root@mylinuxbook-Inspiron-1525: /home/mylinuxbook#

sudo was used to run su, system prompted for current user’s password rather than root password. After entering password, current account was switched to root account.

Q3. What if I want to use su to switch to other user accounts but do not want to remember each and every user’s password ?

Ans. Just use su command, enter root password and switch to root account.

From here, use su to switch to any user account without using passwords.

Q4. If sudo is used to execute something with root privileges then why does it ask for current users password and not root password ?

Ans. Any normal user cannot do a sudo and execute commands that require root privileges.

You, as an user have to be a sudoer too (means, You should have the privileges to use sudo)

If you are a valid sudoer, system prompts for your password just to confirm your action.

Q5. I observed that once I have used sudo, I still have root powers but after sometime things get back to normal. What is this ?

Ans. Linux (Ubuntu) remembers the sudo password for around 15 minutes.

This means that once you have used sudo to run a command, system will not prompt for password if you run other commands that require root privileges to run.

Q6. Can any user perform sudo operations ?

Ans. No, only trusted users or sudoers can perform sudo operations.

Q7. My root account password is still not active. Can I use sudo to activate root password ?

Ans. To activate the password for root user, you can use the ‘passwd’ command in the following way :

$ sudo passwd root

Q8. How can I grant specific rights to users ?

Ans. The configuration file for sudo is /etc/sudoers

It is always recommended to use visudo command for editing this file.

$ sudo visudo

Q9. Forgot to use sudo in Vim (if file can only be edited by root), is there any trick to save it ?

Ans. If you’ve forgot to give sudo when you’ve opened file that can be saved only by root user.

Instead of coming out of the file (and loosing all your changes) and executing the vim command again with sudo, you can do :

$ vim /etc/group

// - - - Edit the file

:w !sudo tee %

Q10. Forgot to give sudo for root command, is there any shortcut to execute it again without running again the full command with sudo ?

Ans. If you’ve forgot to give sudo for a command that requires root privilege :

$ head -n 4 /etc/sudoers

head: cannot open `/etc/sudoers' for reading: Permission denied

Instead of typing the command with sudo again, you can do :

$ sudo !!

sudo head -n 4 /etc/sudoers

Q11. How to get root shell access using Sudo ?

Ans.

$ sudo bash

Once you get the root shell, you can execute any root command without having to enter sudo in front of it every time.

Q12. Built in commands won’t work with Sudo, How can I run them ?

Ans. Build-in commands will not work when used along with sudo, Like :

$ sudo umask

sudo: umask: command not found

To use bash shell built-in command in sudo, first get the root shell, by doing ‘sudo bash’ and then execute the shell built in command.

Q13. How to view unauthorized sudo command executions ?

Ans. When an user who doesn’t have sudo permission and tries to execute sudo command the error message displayed.

$ sudo ls /

[sudo] password for test:

raj is not in the sudoers file. This incident will be reported.

All the incidents will be logged in the /var/log/auth.log file for sysadmins to view any unauthorized sudo access.

Sep 25 18:41:35 shaan sudo: raj : user NOT in sudoers ; TTY=pts/4 ; PWD=/home/raj ; USER=root ; COMMAND=/bin/ls /