Sudoers are users in every Linux system who can run commands & scripts as root. Sudo privileges are required to run certain administrative tasks and programs and being a sudoer allows you to run these privileged commands. In other words, only users with sudo access can execute commands by adding sudo keyword at the beginning of a command. There are two ways to grant sudo privileges to users in Linux. In this article, we will look at how to add user to sudoers in Linux.
How to Add User to Sudoers in Linux
Here are the two ways to add user to sudoers in Linux.
1. Add User to Sudo Group
You can easily grant sudo access to regular user by adding them to sudo user group, in Ubuntu/Debian Linux systems. These users can easily run any command as root by simply adding sudo keyword at the beginning of the command. Sometimes you may be prompted for your password for authentication before command execution.
Here is the command to grant sudo privileges to user with username “username”. Replace “username” with your username.
$ usermod -aG sudo username
If you are logged in as user with sudo privileges, you can verify it with the following command.
$ sudo whoami
You will see the following output indicating that you are able to run commands as root.
If you get message saying ‘user is not in sudoers file’, it means that the user does not have sudo privileges.
2. Add User to Sudoers File
There is another way to add user to sudoers. All the users and groups with sudo privileges are listed in /etc/sudoers file. If you want to customize the sudo permissions of a user, you can add them to this file. It allows you to control user access and security policies.
Alternatively, you can also create new configuration file in /etc/sudoers.d folder. It is also included into the main sudoers file /etc/sudoers mentioned above.
Instead of opening these files using text editors, it is advisable to use visudo command to access them, since it will tell you if there are any errors and stop you from saving error-prone files.
For example, run visudo command to open sudo file.
Add the following line to end of file to disable password prompt, on running commands with sudo keyword at their beginning. Replace username below with username of your choice.
username ALL=(ALL) NOPASSWD:ALL
Save and close the file to apply changes.
Similarly, here is an example to allow only mkdir and rm commands via sudo,
username ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir
You can also add the above commands to sudo file, without opening them in an editor, by using tee command as shown below.
$ echo "username ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/username
You can use this approach to programmatically add users to sudoers on your system.
That’s it. In this article, we have learnt how to add user to sudoers in Linux. Please note, the first approach is applicable only in Debian/Ubuntu systems but the second one can be used almost every Linux system.