Sudo (Run Command with Superuser Privileges)
What is sudo?
The sudo (SuperUser DO) command enables users to run programs with the security privileges of the superuser. Normal users don't have execution permission for some commands, for example, installing a new library.
Logging into the system as the superuser frequently may increase security risks such as password breaches. By using the sudo command, you can execute those commands without switching to the superuser.
Who can run the sudo command? – sudoers
Not all users can execute the sudo command. The users who can execute the sudo command have to be members of the sudo group in Ubuntu OS. For CentOS, wheel group members can execute the sudo command. As the users in the sudo or wheel group can act as the superuser, you can manage system administrator users of a server by editing users of the groups. On Ubuntu, you can also use the admin group instead of the sudo group.
Note: Add users to sudo or wheel group
To give users permission to run the sudo command, include the users in the sudo group (on Ubuntu OS) or wheel group (on CentOS) by running the usermod or gpasswd command. You need to be careful because the order of arguments is different between the two commands. In usermod, you need to specify the group first while you need to specify the user first in gpasswd. The details of usermod and gpasswd will be explained later. Here are example commands.
Example for Ubuntu OS
sudo usermod -aG sudo user_a
or
sudo gpasswd -a user_a sudo
Example for CentOS
sudo usermod -aG wheel user_a
or
sudo gpasswd -a user_a wheel
To add users to the sudo group or wheel group, you need to create the users first. To create new users, check Useradd (Add User) 
.
Tips: Sudoers and visudo command
The configuration file for sudo is /etc/sudoers. You can check the document using the sudo cat /etc/sudoers command; however, when you edit the file, you need to use the sudo visudo command. The visudo command performs a format check of the file before you save it.
Run the following command to check the /etc/sudoers file.
sudo visudo
This is an example of Ubuntu OS (20.04 LTS) on AWS Lightsail. The command opens the file with the GNU nano text editor in this case. GNU nano is a built-in text editor for Unix-like computing systems. Key commands to operate the file are displayed at the bottom. "^" means the Ctrl key. For example, press the Ctrl + x key to exit.
You can see the following line in the file. % means group. This line defines that members of the sudo group can execute any commands.
%sudo ALL=(ALL:ALL) ALL
In CentOS, the descriptions of the /etc/sudoers file are different.
This is an example of Cent OS 7 on AWS Lightsail. The sudo visudo command opens the /etc/sudoers file with the Vim editor. When you go to the bottom of the section using the G (shift + g) key, you can see the descriptions similar to the ones in Ubuntu OS; however, there are no descriptions for the sudo group. Instead, you can see the wheel group in the file.
What is sudo?
The sudo (SuperUser DO) command enables users to run programs with the security privileges of the superuser. Normal users don't have execution permission for some commands, for example, installing a new library.
Logging into the system as the superuser frequently may increase security risks such as password breaches. By using the sudo command, you can execute those commands without switching to the superuser.
Who can run the sudo command? – sudoers
Not all users can execute the sudo command. The users who can execute the sudo command have to be members of the sudo group in Ubuntu OS. For CentOS, wheel group members can execute the sudo command. As the users in the sudo or wheel group can act as the superuser, you can manage system administrator users of a server by editing users of the groups. On Ubuntu, you can also use the admin group instead of the sudo group.
Note: Add users to sudo or wheel group
To give users permission to run the sudo command, include the users in the sudo group (on Ubuntu OS) or wheel group (on CentOS) by running the usermod or gpasswd command. You need to be careful because the order of arguments is different between the two commands. In usermod, you need to specify the group first while you need to specify the user first in gpasswd. The details of usermod and gpasswd will be explained later. Here are example commands.
Example for Ubuntu OS
sudo usermod -aG sudo user_a
or
sudo gpasswd -a user_a sudo
Example for CentOS
sudo usermod -aG wheel user_a
or
sudo gpasswd -a user_a wheel
To add users to the sudo group or wheel group, you need to create the users first. To create new users, check Useradd (Add User) .
Tips: Sudoers and visudo command
The configuration file for sudo is /etc/sudoers. You can check the document using the sudo cat /etc/sudoers command; however, when you edit the file, you need to use the sudo visudo command. The visudo command performs a format check of the file before you save it.
Run the following command to check the /etc/sudoers file.
sudo visudo
This is an example of Ubuntu OS (20.04 LTS) on AWS Lightsail. The command opens the file with the GNU nano text editor in this case. GNU nano is a built-in text editor for Unix-like computing systems. Key commands to operate the file are displayed at the bottom. "^" means the Ctrl key. For example, press the Ctrl + x key to exit.
You can see the following line in the file. % means group. This line defines that members of the sudo group can execute any commands.
%sudo ALL=(ALL:ALL) ALL
In CentOS, the descriptions of the /etc/sudoers file are different.
This is an example of Cent OS 7 on AWS Lightsail. The sudo visudo command opens the /etc/sudoers file with the Vim editor. When you go to the bottom of the section using the G (shift + g) key, you can see the descriptions similar to the ones in Ubuntu OS; however, there are no descriptions for the sudo group. Instead, you can see the wheel group in the file.
