cheat.sheets:sudo
# sudo
# Execute a command as another user
# List contents of directory to which the user otherwise wouldn't have access.
sudo ls /usr/local/scrt
# Edit the given file as the `www` user. This is a great example of why sudo(8)
# is or was often, and more accurately, referred to as "substitute user do".
sudo -u www vi /var/www/index.html
# Shut down (halt) the machine when 10 minutes have passed. The quoted text is
# messaged to the terminal of all applicable users, known as a 'wall message'.
sudo shutdown -h +10 "Cya soon!"
# Note, that the above is the old method. On machines with SystemD, the below
# command can instead be used.
sudo systemctl reboot
# In Bash, `!!` (bang, bang) is an event designator, as described in bash(1), -
# and is used to refer to the previous command, synonymous for `!-1`.
#
# In this case, the user is able to prefix the entirety of the previous command
# with `sudo`, being most useful when forgetting that `root` access is needed.
sudo !!
# For use in the vim(1) modal text editor, this command allows the user to save
# the currently opened file as the `root` user, despite having not previously
# opened it with such privileges.
:w !sudo tee > /dev/null %
# Reset the current user's sudo(8) timestamp, resulting in the user having to
# once again enter his or her password when next using sudo(8). Use of this
# flag does not actually require `root` privileges.
sudo -K
# List the current user's sudo(8) privileges.
sudo -l
# Add a line to a file using sudo(8). This is especially useful when making
# changes to a kernel parameter file, like the `/proc/sys/vm/swappiness` file.
echo "foo bar" | sudo tee -a /path/to/some/file
# Begin a shell session as the system's `root` user.
sudo -i
# To disable password for sudo(8) for the `superuser` user, add the below line
# to the `/etc/sudoers` file, preferably by using the visudo(8) executable.
#
# superuser ALL=(ALL) NOPASSWD: ALL
#
# This would result in the aforementioned user not needing to enter in a
# password when using `sudo`, otherwise he or she would be required to do so.
#
# Likewise, the below can be entered if this is wished for an entire group, -
# which in this case would be the `special` group.
#
# %special ALL=(ALL) NOPASSWD: ALL
#
# Do note that neither of these configurations are at all recommended and can
# pose a massive security risk.
# Run `CMD` as the `root` user, but maintain the current user's environment. In
# systems like Ubuntu, this is assumed, but systems like Debian would require
# that the user make use of this flag when wanting to keep their environment.
sudo -E [CMD]
cheat:sudo
# Preserve user environment when running command
sudo -E <cmd>
tldr:sudo
# sudo
# Executes a single command as the superuser or another user.
# More information: <https://www.sudo.ws/sudo.html>.
# Run a command as the superuser:
sudo less /var/log/syslog
# Edit a file as the superuser with your default editor:
sudo --edit /etc/fstab
# Run a command as another user and/or group:
sudo --user=user --group=group id -a
# Repeat the last command prefixed with `sudo` (only in `bash`, `zsh`, etc.):
sudo !!
# Launch the default shell with superuser privileges and run login-specific files (`.profile`, `.bash_profile`, etc.):
sudo --login
# Launch the default shell with superuser privileges without changing the environment:
sudo --shell
# Launch the default shell as the specified user, loading the user's environment and reading login-specific files (`.profile`, `.bash_profile`, etc.):
sudo --login --user=user
# List the allowed (and forbidden) commands for the invoking user:
sudo --list
$
cheat.sh