Saturday, March 21, 2009

Project: Building An All-Text Linux Workstation - Part 5

In today's episode, we'll look at sudo and some text editing stuff. So fire up your text boxes and let's get going!

If you're an Ubuntu user, you probably already know a little about sudo. It's the command you use to get temporary administrative privileges for doing such things as editing configuration files and installing software. sudo allows users to enter their own password instead of the root password to perform privileged tasks. Further, sudo can be configured to allow specific users specific privileges. For example, a user can be allowed to only execute a specific command as the superuser.

sudo is invoked this way:

sudo command

where command is the command to be executed with escalated privileges.

One of the inconveniences on our all-text system is that we must either login as root or use the su command to shut the system down, since only the superuser is allowed to shutdown the system. A sensible precaution considering that Linux systems are designed to support multiple users at the same time.

To fix this problem, we'll install sudo on our system. We can do this with either aptitude or apt-get. As root, enter the following command:

apt-get install sudo

and the sudo package will be installed.

sudo is controlled by a configuration file named /etc/sudoers. The sudoers file is a little unique in that it wants to be edited only with the visudo program. You can actually edit it with any text editor, but the visudo program checks the syntax of the file to help prevent errors. This is important for any file with the security implications of sudoers.

To edit the file, we simply (as root again) enter the command:


and the following screen will appear:

Despite the name, the visudo program uses the nano text editor and not vi. This makes it much easier for new users. Our change to the sudoers file is very simple. Add this line in the section labled "User privilege specification" and then save the file and exit the editor by first typing ctrl-o and then ctrl-x.:


Substitute your user name for the name "me" and this configuration will allow you to execute any command with root privileges by entering your own password.

To allow a user of the system to only run the poweroff command (performs the same as shutdown but does not require the time to be specified), we could add this line to the file:

username ALL=(ALL) /sbin/poweroff

where username is the name of the user.

As we have seen, our Debian system has the nano text editor installed by default. nano is a clone of an earlier editor named pico that is included with the pine email program. pine has some license issues that prevents it from being included with some Linux distributions so a replacement version of its editor was developed.

To use nano, type the following:

nano textfile

where textfile is the name of a file to edit.

As text-based editors go, it's pretty easy to use. It provides a small list of commands at the bottom of the screen. Pressing the ctrl-g key brings up the help screen which displays all of its commands. nano does support the mouse. See the nano man page for details.

nano uses a global configuration file named /etc/nanorc and, if available, a local configuration file named ~/.nanorc. To make an initial copy of the local configuration file, copy the global file to your home directory:

me@linuxbox:~$ cp /etc/nanorc ~/.nanorc

One useful change we can make to the configuration file is the activation of syntax highlighting. This can be done by removing comments from several lines at the end of the file. The last section of the configuration file, the "Color setup" section, has a number of "include" statements which load syntax definitions. To enable syntax highlighting support, remove the comment symbol from the beginning of the line. Change lines like this:

## Bourne shell scripts
#include "/usr/share/nano/sh.nanorc"


## Bourne shell scripts
include "/usr/share/nano/sh.nanorc"

for as many languages as you wish to support.

Syntax highlighting is automatically activated based on the file name extension of the file being edited. For example, if we edit a file named foo.html and the HTML syntax definition has been included in the .nanorc file, the foo.html file will be displayed with syntax highlighting when loaded. The colors can be toggled on and off by pressing alt-y. This presents a problem for shell scripts, however as most do not have a file extension in their name. This can be solved in one of two ways. First, add the extension ".sh" to the file name, or second, invoke nano with the -Y sh option, which forces the selection of the sh highlighting. It might be a good idea to add an alias such as:

alias nano-sh='nano -Y sh'

to your .bashrc file to make this more convenient.

Real Linux users, of course, don't use nano. They use vim, the enhanced replacement for the traditional Unix editor, vi. The version of vim installed by default on our system is called vim-tiny, a subset of the full package. I recommend installing the full vim package. This can be done with apt-get like so:

apt-get install vim

I'm not going to cover vim in this posting as it would take too much space (it consumed a rather chapter in my upcoming book) but there is a pretty good on-line book (in PDF format) that describes it in detail. See The Vim Book. Seriously, to be a real Linux person you should take the time to learn it. I know its not easy, but you'll really enjoy lording it over the other Linux newbies once you do.

Well, that's all for this time. See you again soon!

Further Reading

Other installments in this series: 1 2 3 4 5 6 7 8 9 10 11 12 13 14


  1. Hi,

    I'd love to hear your thoughts on 'A Byte of Vim', a free Creative Commons-licensed beginner's book on Vim -


  2. A slight correction, or technicality if you will. It's not so much that visudo uses nano as that it uses /usr/bin/editor, which is symlinked to /etc/alternatives/editor, which is symlinked to nano by default. So it's possible to get visudo to use your favourite text editor by running (as root)

    update-alternatives --config editor

    or by configuring visudo in the sudoers file to use the EDITOR environment variable.