sudo command stands for SUbstitute User Do. It allows you to run any Bash command as a substitute user.
sudo command is most commonly used to run a command as the root user that has full permissions to everything on the machine.
When using the
sudo command to execute a command as a different user, your user must be in the
sudoers file. You will be prompted to enter your password to authenticate the user and execute a command as another user. Ubuntu by default adds all new general users to the
sudoers file. There is a
sudoer bash command for managing the
sudoers file. The
sudoer file exists in the
Let’s take a look at how to use the powerful
whoami command simply displays the current user.
Go ahead and execute the
This makes a lot of sense. We are the
whoami command as the daemon user
Run the same command this time as the
sudo -u daemon whoami:
You will be prompted to enter your password, which if you followed the configuration guide in this course should be admin. As you type nothing will be displayed on the terminal, this is a security feature so someone that can see your terminal will not know what your password is. After typing your password hit enter. Assuming your password was correct you should see the following:
As we can see we ran the
whoami command as the
daemon user and so the display reads
whoami command as the root user
The default for the
sudo command is to execute the command as the
Running a command as the
root user is sometimes necessary. You may need to read, or edit a file that your current user doesn’t have read or write access to. However, the
root user always has read, write, and execute access to all files. Making
sudo [command] a very useful tool to have in your pocket.
As an example let’s say we needed to read the contents of the mysterious
student user doesn’t have read access to this file. So we can run the same command as
sudo cat /etc/shadow
Running the command as the
root user gave me read access to the file. General user’s do not have read access to this file because the file lists all users and their hashed password.
You can see clearly that the
student user’s hashed password is:
A hashed password can be cracked using a rainbow table, which goes way outside the scope of this class. However, knowing that a hashed password can be cracked illustrates why general users do not have access to read the