Hong's Tech Blog

Hong's Tech Blog

Cheatsheet & Examples: sudo

UpdatedNovember 19, 2025

•4 min read

I am a developer from Malaysia. I work with PHP most of the time, recently I fell in love with Go. When I am not working, I will be ballroom dancing :-)

Part of seriesCommon Tasks

The sudo command allows a permitted user to execute a command as the superuser (root) or another user, providing elevated (administrator) privileges.

Run a Command as Root

Example Usage: sudo apt update

What it does: Runs the apt update command with root privileges to refresh package lists.

Command-line Arguments Explained:

sudo: Executes the following command with elevated privileges.
apt: Package management tool used on Debian-based systems.
update: Refreshes the local package index.

Run a Command with a Specific User

Example Usage: sudo -u www-data ls /var/www

What it does: Runs the ls /var/www command as the user www-data.

Command-line Arguments Explained:

sudo: Grants elevated or user-specified privileges.
-u: Specifies which user to run the command as.
www-data: The user account to use (in this case, web server user).
ls: Lists files in a directory.
/var/www: The directory path to list.

Example Usage: sudo -i

What it does: Starts a root login shell, loading root user's environment variables and working directory.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-i: Simulates an initial login shell for the target user (default is root).

Edit Files with Elevated Privileges

Example Usage: sudo nano /etc/hosts

What it does: Opens the /etc/hosts file in nano editor with root privileges for editing.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
nano: Command-line text editor.
/etc/hosts: File to open and edit.

Run a Command Without Prompts for Password (If Permitted)

Example Usage: sudo -n systemctl restart apache2

What it does: Attempts to restart Apache2 service without prompting for a password. If password is required, it fails immediately.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-n: Non-interactive; do not prompt for a password.
systemctl: Service management command.
restart: Subcommand to restart a service.
apache2: The service name.

Run a Command and Preserve Environment Variables

Example Usage: sudo -E env | grep PATH

What it does: Preserves the current user’s environment variables while executing the command and displays the PATH variable.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-E: Preserves user's environment variables.
env: Displays current environment.
|: Pipes output to another command.
grep: Searches for matching text.
PATH: Text to search for.

Run a Command as Another Group

Example Usage: sudo -g admin whoami

What it does: Runs whoami with group privileges of admin.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-g: Specifies group to execute command with.
admin: Target group.
whoami: Shows current effective username.

Display Available sudo Permissions

Example Usage: sudo -l

What it does: Lists the commands the current user is allowed (or not allowed) to run with sudo.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-l: Lists privileges or checks a specific command.

Run a Command in Background with Elevated Privileges

Example Usage: sudo bash -c "apt update && apt upgrade -y" &

What it does: Runs a sequence of commands as root in a background process.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
bash: Executes commands in bash shell.
-c: Runs the specified string as a command.
"apt update && apt upgrade -y": Command string to execute.
&: Runs the process in the background.

Read a File with Elevated Privileges (Without Editing)

Example Usage: sudo cat /etc/shadow

What it does: Displays contents of the /etc/shadow file, which normally requires root access.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
cat: Displays file contents.
/etc/shadow: File containing system password hashes.

Execute Multiple Commands via sudo

Example Usage: sudo sh -c "mkdir /opt/myapp && chown user:user /opt/myapp"

What it does: Runs multiple commands as root using sh -c.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
sh: Invokes shell interpreter.
-c: Executes command string.
"mkdir /opt/myapp && chown user:user /opt/myapp": Combined shell commands.

Suppress sudo Warnings and Messages

Example Usage: sudo -s --prompt="" ls /root

What it does: Runs a command with a custom (empty) password prompt, suppressing default messages.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-s: Runs an interactive shell with root privileges.
--prompt="": Sets a custom password prompt (empty in this case).
ls: Lists files in a directory.
/root: Target directory.

Run sudo with a Timeout Override (Custom Password Cache Duration)

Example Usage: sudo -v

What it does: Updates or verifies cached credentials, extending the sudo authentication timeout.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-v: Validates cached credentials (refreshes timeout).

Terminate Cached Credentials

Example Usage: sudo -k

What it does: Invalidates the user’s cached sudo credentials, forcing password entry next time.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-k: Kills cached credentials.

Run Command with Debugging Information

Example Usage: sudo -D9 ls /root

What it does: Executes ls /root with maximum debug output to help troubleshoot sudo configuration.

Command-line Arguments Explained:

sudo: Grants elevated privileges.
-D9: Enables debugging at level 9 (highest).
ls: Lists files in a directory.
/root: Target path.

#cheatsheet #cli #sudo

13 views

Comments

Join the discussion

No comments yet. Be the first to comment.

Common Tasks

Part 24 of 50

Quick reference for performing common tasks in Linux/Mac OS.

Cheatsheet & Examples: tee

Basic Usage: Output to a File Example Usage:tee filename What it does:Writes the standard output to the specified file. If the file doesn’t exist, it creates it. If it does, it appends to it. Command-line Arguments Explained: filename: The nam...

More from this blog

Da Ma Cai 大马彩 API

TL;DR Scarp draw result, host on GitHub, retrieve it like API at damacai.hongineer.com. Data Scraping I have previously shared a technique for scraping Da Ma Cai draw result. Now I finally have time t

Feb 26, 20261 min read16

Da Ma Cai 大马彩 API

Monitor MySQL Replication Status with a Bash Script

This is a Bash script that check if the replica (slave) health status. If there is an issue, it will exist with non-zero status. This is useful when used with monitoring tools like [Monit](https://mmo

Feb 24, 20262 min read15

Monitor MySQL Replication Status with a Bash Script

Cheatsheet & Examples: chmod

chmod is a command-line utility used to change the access permissions of file system objects such as files and directories. It allows you to control who can read, write, and execute those objects. Changing Permissions Using Octal Notation Example Usa...

Jan 23, 20263 min read9

Cheatsheet & Examples: chown

chown changes the ownership of files and directories. This involves modifying the user and/or group associated with a file, determining who has access and permissions. Changing File Ownership to a Specific User Example Usage: chown user file.txt What...

Jan 20, 20263 min read6

Cheatsheet & Examples: usermod

The usermod command modifies a user account's properties on a Linux system. It allows administrators to change various attributes associated with a user, such as the user's login name, home directory, shell, groups, and password expiry information. C...

Jan 16, 20263 min read11

Hong's Tech Blog

110 posts

The blog is older than you know. I prefer counting from the emergence of one integral anomaly to the emergence of the next, in which case this is the forth version.