The 4 Best sudo Alternatives for Linux Worth Considering
sudo is probably one of the most used Linux commands. It allows you to gain administrative or elevated privileges on a Linux machine.
You normally need elevated privileges to execute actions such as installing software, managing services, and deleting critical system files. But did you know there are alternatives to the sudo command on Linux?
Why Execute Linux Commands as Another User?
sudo is a very important command because it allows you to execute commands with superuser privileges. By default, non-root users normally have limited access to resources and files on Linux.
Limiting access to users on Linux is very vital for the following reasons:
- Control: It allows administrators or the owners of the system to grant specific access to certain files and programs. This is good for system stability, privacy, and overall performance.
- Security: Limiting access to certain parts of the system prevents accidental deletion or changes to the system. And it also reduces the system’s attack surface.
sudo works fine and does a lot more than what most people use it for. Unfortunately, this makes it very bloated.
Fortunately, as with most things on Linux, there are some great alternatives to the sudo command, and here are some of them.
The pkexec (PolicyKit Executive) command is a front-end implementation of the PolicyKit framework, which provides a set of rules for granting privileges to users and processes.
pkexec allows you to execute a command with the privileges of a different user or role, based on the rules defined in a specified policy.
The pkexec tool is already installed on Ubuntu and other major Linux distros. In the case that it’s not installed, here’s how to install it.
On Debian-based systems, run:
sudo apt update && sudo apt install policykit-1
On RHEL and similar distros, run:
sudo dnf install policykit
On Arch-based Linux distros, use the following command:
sudo sudo pacman -S policykit
How to Use pkexec
To use pkexec, you must first specify the pkexec keyword followed by the command you want to execute, followed by any arguments or options that the command requires.
For example, to install the funny Linux program: cowsay on your system using super-user privileges, you would use the following:
pkexec apt install cowsay
You can also specify a user or role to assume the privileges of, by using the –user option followed by the name of the user or role. For example, to execute the preceding command with the privileges of the admin user, you would use the following command:
Also, you’d need to enter the password of the user or role you have specified in the command. If you do not have the necessary permissions you’ll receive an error.
The doas command has its origins in the OpenBSD operating system. It allows you to execute a command with the privileges of a specified user or role.
It’s much similar to the sudo command, but it is modern, very lightweight, and easy to configure because it uses concise and readable statements.
If it’s not, here’s how you can install doas on Linux.
Configuring doas on Linux
Unlike the sudo and pkexec commands, you must configure a newly installed instance of doas before you start using it. The configuration file is located at /etc/doas.conf. If the config file does not exist, create one using the touch command or any other program of your choice.
To give the user “mwizak” super-user privileges on your system, you can add the following line to the /etc/doas.conf file:
permit persist :mwizak as root
Remember to replace the user “mwizak” in the aforementioned command with the correct username.
After saving the configuration changes, try to install cowsay using the following command:
doas apt install cowsay
To use another user, you can use the -u flag followed by the username. It’s similar to the –user flag used with the pkexec command.
For example, to run the preceding command as the system admin, you would run:
doas -u admin apt install cowsay
The su command is short for “switch user.” It allows you to execute commands as users other than the currently logged-in user. It’s normally used to run commands that require root privileges, but you can just run any other command using su.
Running the su command without any arguments assumes the root user, so you must know the root user password to proceed. If you were to switch to a user named john, you would simply run the command:
Enter the password for the user john. To switch back to the original user, simply run the exit command.
Be aware that running commands as the root user is usually not recommended because you are not prompted for a password on each command you run, which can lead to disastrous consequences, such as accidentally deleting files.
dzdo is a command-line tool used to execute commands with the privileges of another user, such as the superuser or root user. It is similar to the sudo command, which is commonly used for the same purpose. The dzdo command is mostly available on Oracle Linux.
You can use the -u flag to specify the user whose privileges you want to use. For example, the following command will execute the apt-get update command with the privileges of the superuser (root):
dzdo -u root apt-get update
The system will ask you to enter the appropriate password to confirm that you have the necessary privileges to run the command.
Use the Correct User Controls For Enhanced Security on Linux
sudo is a commonly used command on Linux systems that allows a user to execute a command with the privileges of the root user. Depending on your needs, you can use any sudo alternatives in your workflow.
On Linux, it is also important to assign the proper access levels to files and folders for better security.