Sudo
Template:Short description Template:Redirect Template:Lowercase title Template:Infobox software
<syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> (Template:IPAc-en or Template:IPAc-en<ref name="todmil8"/>) is a shell command on Unix-like operating systems that enables a user to run a program with the security privileges of another user, by default the superuser.<ref name="nyt080526"/> It originally stood for "superuser do",<ref>Template:Cite web</ref> as that was all it did, and this remains its most common usage;<ref>Template:Cite web</ref> however, the official Sudo project page lists it as "su 'doTemplate:'".<ref>Template:Cite web</ref> The current Linux manual pages define <syntaxhighlight lang="text" class="" style="" inline="1">su</syntaxhighlight> as "substitute user",<ref>Template:Cite web</ref> making the modern meaning of <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> "substitute user, do", because <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> can run a command as other users as well.<ref>Template:Cite web</ref><ref>Haeder, A.; Schneiter, S. A..; Pessanha, B. G.; Stanger, J. LPI Linux Certification in a Nutshell. O'Reilly Media, 2010. p. 409. Template:ISBN.</ref>
Unlike the similar command su, users must, by default, supply their own password for authentication, rather than the password of the target user. After authentication, and if the configuration file (typically /etc/sudoers) permits the user access, the system invokes the requested command. The configuration file offers detailed access permissions, including enabling commands only from the invoking terminal; requiring a password per user or group; requiring re-entry of a password every time or never requiring a password at all for a particular command line. It can also be configured to permit passing arguments or multiple commands.
History
Robert Coggeshall and Cliff Spencer wrote the original subsystem around 1980 at the Department of Computer Science at SUNY/Buffalo.<ref name="grati9"/> Robert Coggeshall brought sudo with him to the University of Colorado Boulder. Between 1986 and 1993, the code and features were substantially modified by the IT staff of the University of Colorado Boulder Computer Science Department and the College of Engineering and Applied Science, including Todd C. Miller.<ref name="grati9" /> The current version has been publicly maintained by OpenBSD developer Todd C. Miller since 1994,<ref name="grati9"/> and has been distributed under an ISC-style license since 1999.<ref name="grati9"/>
In November 2009, Thomas Claburn, in response to concerns that Microsoft had patented sudo,<ref name="maxi10"/> characterized such suspicions as overblown.<ref name="dark11"/> The claims were narrowly framed to a particular GUI, rather than to the sudo concept.<ref name="spi091112"/>
The logo is a reference to an xkcd strip, where an order for a sandwich is accepted only when preceded with <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight>.<ref>Template:Cite web</ref><ref>Template:Cite web</ref>
Design
Unlike for su, users supply their personal password to <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> (if necessary)<ref name="iu.edu">Template:Cite web</ref> rather than that of the superuser or other account. This allows authorized users to exercise altered privileges without compromising the secrecy of the other account's password.<ref>Template:Cite web</ref> Users must be in a certain group to use the <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> command, typically either the wheel or sudo group.<ref>Template:Cite web</ref> After authentication, and if the configuration file permits the user access, the system invokes the requested command. <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> retains the user's invocation rights through a grace period (typically 5 minutes) per pseudo terminal, allowing the user to execute several successive commands as the requested user without having to provide a password again.<ref>Template:Cite web</ref>
As a security and auditing feature, <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> may be configured to log each command run. When a user attempts to invoke <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> without being listed in the configuration file, an exception indication is presented to the user indicating that the attempt has been recorded. If configured, the root user will be alerted via mail. By default, an entry is recorded in the system.<ref>Where are sudo Incidents Reported? Template:Webarchive Retrieved April 10, 2023</ref>
Configuration
The /etc/sudoers file contains a list of users or user groups with permission to execute a subset of commands while having the privileges of the root user or another specified user. The file can be edited by using the command sudo visudo. Sudo contains several configuration options such as allowing commands to be run as <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> without a password, changing which users can use <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight>, and changing the message displayed upon entering an incorrect password.<ref>Template:Cite web</ref> Sudo features an easter egg that can be enabled from the configuration file that will display an insult every time an incorrect password is entered.<ref>Template:Cite web</ref>
Impact
In some system distributions, <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> has largely supplanted the default use of a distinct superuser login for administrative tasks, most notably in some Linux distributions as well as Apple's macOS.<ref name="ubunt5"/><ref name="macdv4"/> This allows for more secure logging of admin commands and prevents some exploits.
RBAC
In association with SELinux, <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> can be used to transition between roles in role-based access control (RBAC).<ref>Template:Cite web</ref>
Tools and similar programs
visudo is a command-line utility that allows editing the sudo configuration file in a fail-safe manner. It prevents multiple simultaneous edits with locks and performs sanity and syntax checks.
Sudoedit is a program that symlinks to the sudo binary.<ref>Template:Cite web</ref> When sudo is run via its sudoedit alias, sudo behaves as if the -e flag has been passed and allows users to edit files that require additional privileges to write to.<ref>Template:Cite web</ref>
Microsoft released its own tool also called <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> for Windows in February 2024. Its interface is similar to its Unix counterpart by giving the ability to run elevated commands from an unelevated console session, although its implementation is entirely different.<ref>Template:Cite web</ref> The program runas provides comparable functionality in Windows, but it cannot pass current directories, environment variables or long command lines to the child. And while it supports running the child as another user, it does not support simple elevation. Hamilton C shell also includes true <syntaxhighlight lang="text" class="" style="" inline="1">su</syntaxhighlight> and <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> for Windows that can pass all of that state information and start the child either elevated or as another user (or both).<ref>Template:Cite web</ref><ref>Template:Cite web</ref>
Graphical user interfaces exist for sudo – notably gksudo – but are deprecated in Debian and no longer included in Ubuntu.<ref>Template:Cite web</ref><ref>Template:Cite web</ref> Other user interfaces are not directly built on sudo, but provide similar temporary privilege elevation for administrative purposes, such as pkexec in Unix-like operating systems, User Account Control in Microsoft Windows and Mac OS X Authorization Services.<ref name="apple2"/>
doas, available since OpenBSD 5.8 (October 2015), has been written in order to replace <syntaxhighlight lang="text" class="" style="" inline="1">sudo</syntaxhighlight> in the OpenBSD base system, with the latter still being made available as a port.<ref>Template:Cite web</ref>
gosu is a tool similar to sudo that is popular in containers where the terminal may not be fully functional or where there are undesirable effects from running sudo in a containerized environment.<ref>Template:Cite web</ref>
A rewrite of sudo, called sudo-rs, written in the Rust programming language, became adopted as the default in Ubuntu.<ref>Template:Cite web</ref>