find all sudo users in linux

How to Find All Sudo Users in Linux

Sudo users are privileged users who have more permissions to run commands & processes that regular users. As a system administrator, it is important to regularly keep track of all sudo users in Linux. In this article, we will learn how to find all sudo users in Linux. Sometimes you may have given sudo access temporarily to certain users to install applications or run administrative commands. If they are no longer required, it is advisable to find such sudo users and revoke the sudo access.


How to Find All Sudo Users in Linux

Here are the different ways to list sudo users in Linux.


1. List All Users

Here is the command to list all users in Linux.

$ awk -F':' '{ print $1}' /etc/passwd

/etc/password contains a list of all users in your system, along with their encrypted passwords. We will use awk command to parse this file and print the first column which is nothing but username.

Another simple ways to get this list of users in system is to use compgen command.

$ compgen -u

Next, you can run the following command to list all sudo users in Linux.

$ grep '^sudo:.*$' /etc/group | cut -d: -f4

All users belonging to sudo user group have sudo privileges. /etc/group file contains information about different groups and their members. We will use grep command to look for rows about sudo group in this file and pipe its output to cut command to extract only the username.

Alternatively, you can also use getent command to get the same output.

$ getent group sudo | cut -d: -f4


2. Find If User Has Sudo Privileges

We have seen how to list all sudo users in our system. Now if you want to check if a specific user has sudo privileges, you can use the following command.

$ sudo -l -U <username>

Here is an example to check if user test_user is sudo user.

Matching Defaults entries for test_user on ubuntuserver:
 env_reset, mail_badpass,
 secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User test_user may run the following commands on ubuntuserver:
 (ALL : ALL) ALL

If your Linux user does not have sudo access, you will see the following message.

$ sudo -l -U test_user2
User test_user2 is not allowed to run sudo on ubuntuserver.

If you want to find if a logged in user(e.g test_user) has sudo privileges, you can run the following command.

$ sudo -nv

If you don’t get any output, the user has sudo access.

If you don’t have sudo access, you will see the following message.

Sorry, user test_user may not run sudo on ubuntuserver.

In this article, we have learnt how to find all sudo users in out system, and also how to find if a given user has sudo privileges.

Also read:

How to Check if Program Exists in Shell Script
How to Insert Text to Beginning of File in Linux
How to Get My Public SSH Key
How to Revoke SSH Access & Keys in Linux
How to Create Man Pages for Script, Modules

Leave a Reply

Your email address will not be published.