execute a command as another user
sudo allows a permitted user to execute a command as the superuser or another user, as specified by the
security policy. The real and effective uid and gid are set to match those of the target user, as
specified in the password database, and the group vector is initialized based on the group database
(unless the -P option was specified).
-p prompt The -p (prompt) option allows you to override the default password prompt and use a custom
one. The following percent (`%') escapes are supported by the sudoers policy:
%H expanded to the host name including the domain name (on if the machine's host name is
fully qualified or the fqdn option is set in sudoers(5))
%h expanded to the local host name without the domain name
%p expanded to the name of the user whose password is being requested (respects the rootpw,
targetpw and runaspw flags in sudoers(5))
%U expanded to the login name of the user the command will be run as (defaults to root
unless the -u option is also specified)
%u expanded to the invoking user's login name
%% two consecutive % characters are collapsed into a single % character
The prompt specified by the -p option will override the system password prompt on systems
that support PAM unless the passprompt_override flag is disabled in sudoers.
Before a command is executed, its input and output may be redirected using a special notation interpreted
by the shell. Redirection may also be used to open and close files for the current shell execution
environment. The following redirection operators may precede or appear anywhere within a simple command
or may follow a command. Redirections are processed in the order they appear, from left to right.
Redirection of output causes the file whose name results from the expansion of word to be opened for
writing on file descriptor n, or the standard output (file descriptor 1) if n is not specified. If the
file does not exist it is created; if it does exist it is truncated to zero size.
The general format for redirecting output is:
If the redirection operator is >, and the noclobber option to the set builtin has been enabled, the
redirection will fail if the file whose name results from the expansion of word exists and is a regular
file. If the redirection operator is >|, or the redirection operator is > and the noclobber option to
the set builtin command is not enabled, the redirection is attempted even if the file named by word
A pipeline is a sequence of one or more commands separated by one of the control operators | or |&. The
format for a pipeline is:
[time [-p]] [ ! ] command [ [|⎪|&] command2 ... ]
The standard output of command is connected via a pipe to the standard input of command2. This
connection is performed before any redirections specified by the command (see REDIRECTION below). If |&
is used, the standard error of command is connected to command2's standard input through the pipe; it is
shorthand for 2>&1 |. This implicit redirection of the standard error is performed after any
redirections specified by the command.
The return status of a pipeline is the exit status of the last command, unless the pipefail option is
enabled. If pipefail is enabled, the pipeline's return status is the value of the last (rightmost)
command to exit with a non-zero status, or zero if all commands exit successfully. If the reserved word
! precedes a pipeline, the exit status of that pipeline is the logical negation of the exit status as
described above. The shell waits for all commands in the pipeline to terminate before returning a value.
If the time reserved word precedes a pipeline, the elapsed as well as user and system time consumed by
its execution are reported when the pipeline terminates. The -p option changes the output format to that
specified by POSIX. When the shell is in posix mode, it does not recognize time as a reserved word if
the next token begins with a `-'. The TIMEFORMAT variable may be set to a format string that specifies
how the timing information should be displayed; see the description of TIMEFORMAT under Shell Variables
When the shell is in posix mode, time may be followed by a newline. In this case, the shell displays the
total user and system time consumed by the shell and its children. The TIMEFORMAT variable may be used
to specify the format of the time information.
Each command in a pipeline is executed as a separate process (i.e., in a subshell).
print lines matching a pattern
Print only the matched (non-empty) parts of a matching line, with each such part on a separate
Interpret PATTERN as a Perl regular expression (PCRE, see below). This is highly experimental and
grep -P may warn of unimplemented features.
grep searches the named input FILEs (or standard input if no files are named, or if a single hyphen-minus
(-) is given as file name) for lines containing a match to the given PATTERN. By default, grep prints
the matching lines.