Elevating Privileges
You have complete and total control over all of the files in your home directory. But you don’t have free reign over directories and files across the whole disk. You can only do certain things with superuser privileges. On Linux, Unix, BSD, and macOS systems, this is called the root user. To keep things more secure and to prevent accidents, regular user accounts are restricted from modifying things outside of their home directories.
Try to create a new directory called /var/website:
| | $ mkdir /var/website |
This command will fail with the following error:
| | mkdir: /var/website: Permission denied |
You’re not allowed to create files in the /var directory; only certain users can do that. But thanks to the sudo command, you can execute a single command as the root user, without logging in as that user. To use it, prefix the previous command with sudo, like this:
| | $ sudo mkdir /var/website |
Think of this sudo command as “superuser do mkdir /var/website.” The command will complete successfully, and you can verify that it exists by using the ls command to view the contents of the /var directory:
| | $ ls /var/ |
| | backups cache crash lib local lock log mail metrics opt run snap |
| | spool tmp website |
The website directory is now listed in the output.
The sudo command is powerful but dangerous. You’re running the command as a privileged user, so if the command does something sinister, you could be in a lot of trouble. It also bypasses any file permission restrictions, meaning you could accidentally alter or delete files owned by anyone if you accidentally ran the wrong command. Use this with care!
One place you’re likely to use sudo is when modifying system-wide configuration files, or, as you’ll try next, installing additional programs or tools on your operating system.