Thanks to visit codestin.com
Credit goes to www.geeksforgeeks.org

Open In App

sudo Command in Linux with Examples

Last Updated : 08 Nov, 2025
Comments
Improve
Suggest changes
12 Likes
Like
Report

The sudo (short for Superuser Do) command is one of the most important commands in Linux. It's a prefix you add to other commands to run them with the administrative privileges of another user (by default, the root user).

Secure way to handle administrative tasks. You use sudo because:

  • It's Safer: You don't need to log in as the all-powerful root user for simple tasks. You just "borrow" root's power for one command.
  • It's Auditable: When a user runs a sudo command, it's logged in /var/log/auth.log. This creates an audit trail, so you know who ran what command and when.
  • It's Granular: The system administrator can precisely control which users can run which commands using the sudoers file.

Syntax for sudo command: 

sudo -V | -h | -l | -v | -k | -K | -s | [ -H ] [-P ] [-S ] [ -b ] | [ -p prompt ] [ -c class|- ] [ -a auth_type ] [-r role ] [-t type ] [ -u username|#uid ] command

sudo vs. su (The Critical Difference)

This is the most important concept to understand.

  • su (Substitute User):
    • Goal: To become another user (e.g., su -).
    • Password: Asks for the TARGET USER'S password (e.g., the root password).
    • Why it's less secure: It requires sharing the root password, which is a bad practice.
  • sudo (Superuser Do):
    • Goal: To run a command as another user.
    • Password: Asks for YOUR OWN password.
    • Why it's more secure: It proves you are at the keyboard, and the system checks if you are authorized. The root password is never shared.

Options Available in the sudo Command

Options                                                                                                             DescriptionSyntax
-VThe -V (version) option causes sudo to print the version number and exit. If the invoking user is already root, the -V option will print out a list of the defaults sudo was compiled with. 
sudo -V
-lThe -l (list) option will print out the commands allowed (and forbidden) the user on the current host. 
sudo -l
-h or --helpThe -h (help) option causes sudo to print a usage message and exit.
sudo -h
-vIf, given the -v (validate) option, sudo will update the user's timestamp, prompting for the user's password if necessary. This extends the sudo timeout for another 5 minutes (or as given in sudoers) but does not run a command. This does not give any output. 
sudo -v
-kThe -k (kill) option to sudo invalidates the user's timestamp. So, the next time sudo is run a password will be required. This option does not require a password and was added to allow a user to revoke sudo permissions from a logout file. 
sudo -k
-KSimilar to the -k option, the -K (sure kill) option is used to remove the user's timestamp entirely. Likewise, this option does not require a password. 
sudo -K
 -bThe -b (background) option tells sudo to run the given command in the background. Note that if you use the -b option you cannot use shell job control to manipulate the process. 
sudo -b [command]

(replace "command" with the command you want run in the background)

-pthe sudo -p prompt command allows you to customize the password prompt that sudo displays when it requests the user's password. By default, sudo will display a generic password prompt that looks like
sudo -p "Enter your password" [command]

(replace "command" with the command you want run in the background)

 -nThe -n option allows sudo to execute a command without prompting for a password. This option is useful when running sudo commands as background jobs or in a shell script. The -n option stands for non-interactive.
sudo -n [command]

(replace "command" with the command you want run in the background)

-uThe -u option causes sudo to run the specified command as a user other than root. To specify a UID instead of a username, use #uid.
sudo -u [user] [command]

(replace "command" with the command you want run in the background)

-sThe -s option runs the shell specified by the SHELL environment variable if it is set or the shell as specified in the file passwd.
sudo -s [command]

(replace "command" with the command you want run in the background)

-HThe -H option sets the HOME environment variable to the home directory of the target user (root by default) as specified in passwd. By default, sudo does not modify HOME.
sudo -H [command]

(replace "command" with the command you want run in the background)

-SThe -S option causes sudo to read the password from standard input instead of the terminal device.
sudo -S [command]

(replace "command" with the command you want run in the background)

-aThe -a option causes sudo to use the specified authentication type when validating the user, as allowed by /etc/login.conf. The system administrator may specify a list of sudo-specific authentication methods by adding an "auth-sudo" entry in /etc/login.conf.
sudo -a [auth-type] [command]

(replace "command" with the command you want run in the background)

--The -- flag indicates that sudo should stop processing command line arguments. It is most useful in conjunction with the -s flag.
sudo -- [command]

(replace "command" with the command you want run in the background)

The output of few commands

1. sudo -v (Validate):- This will "validate" your sudo timestamp, resetting the 5-15 minute timer without running a command. 
 

sudo -V
sudo -V

2. -l: The -l (list) option will print out the commands allowed (and forbidden) the user on the current host. 

sudo -l
sudo -l


3. -h or --help: The -h (help) option causes sudo to print a usage message and exit. 

sudo -h
sudo -h

Environment Variables

These environment variables are used by sudo 

TagDescription
EDITOR 
 		Default editor to use in -e (sudoedit) mode if VISUAL is not set 
HOME 
 		In -s or -H mode (or if sudo was configured with the 
--enable-shell-sets-home option), set to homedir of the target user 
PATH 
 		Set to a sane value if the secure_path sudoers option is set. 
SHELL 
 		Used to determine shell to run with -s option 
SUDO_PROMPT 
 		Used as the default password prompt 
SUDO_COMMAND 
 		Set to the command run by sudo 
SUDO_USER 
 		Set to the login of the user who invoked sudo
SUDO_UID 
 		Set to the uid of the user who invoked sudo 
SUDO_GID 
 		Set to the gid of the user who invoked sudo 
SUDO_PS1 
 		If set, PS1 will be set to its value
USER Set to the target user (root unless the -u option is specified) 
VISUAL 
 		Default editor to use in -e (sudoedit) mode 

M

Magisk
Improve
Article Tags :

Explore

Lightbox