Some tips and tricks for using the `#sudo` #command

1. Limit Access: By default, `sudo` allows authorized users to execute any command with elevated privileges. You can restrict access to specific commands or command categories by editing the `/etc/sudoers` file using the `visudo` command. For example, to allow a user to only run the `reboot` command:

 

   username ALL=/sbin/reboot

 

2. Customize the Prompt: You can customize the `sudo` command prompt to display a warning message or provide context for the command being executed. Edit the `sudoers` file and add a `Defaults` line with the `lecture` option:

 

   Defaults        lecture=always

   Defaults        lecture_file=/etc/sudo_lecture

 

3. Timestamp and Timeout: By default, `sudo` caches your credentials for a certain period (usually 5 minutes) to avoid repetitive password prompts. You can adjust the timeout duration by editing the `sudoers` file:

 

   Defaults        timestamp_timeout=10

 

4. Check User Privileges: You can verify which commands a user can run with `sudo` privileges by running:

 

   sudo -l

 

5. Running GUI Applications: If you need to run graphical applications with `sudo`, use `sudo -H` or `sudo -i` to set the `HOME` environment variable correctly:

 

   sudo -H gedit

 

6. Avoid `sudo su`: Instead of running `sudo su` to become the root user interactively, use `sudo -i` or `sudo -s` for a shell session with elevated privileges. This avoids potential issues with environment variables.

 

   sudo -i

 

7. Audit `sudo` Usage: You can enable auditing of `sudo` commands to keep track of who is using `sudo` and what commands are executed. Refer to your system's auditd or auditctl configuration for this.

8. Use `sudo !!`: If you forget to prefix a command with `sudo`, you can run it with elevated privileges using `sudo !!`. For example:

 

   apt update

   sudo !!  # Executes 'sudo apt update'

 

9. Secure Password Entry: To ensure your password is hidden while entering it for `sudo`, use the `-S` option:

 

   sudo -S command

 

10. Temporary Elevation: If you need to run multiple commands as the superuser in the same terminal session, you can use `sudo -s` to start an elevated shell:

  

    sudo -s

  

11. Insider Information: To display information about the user's `sudo` privileges, run:

  

    sudo -l

  

12. Enable Root Account: You can enable and set a password for the root account, but this is generally discouraged in favor of using `sudo`.

Remember that with great power comes great responsibility. Always use `sudo` cautiously to avoid unintentional system changes or security risks.