On Linux, the sudo command is used to grant root privileges to regular user accounts to perform administrative tasks. In this tutorial, we’ll walk through adding a user to the sudoers file for Linux distributions such as Ubuntu and CentOS.
Ubuntu
Let’s look at two ways to give a user sudo rights.
The first is to add the user to the sudoers file. This file contains information that controls which users and groups are granted sudo privileges and the level of those privileges.
The second option is to add the user to the sudo group specified in the sudoers file. By default, on Debian-based distributions such as Ubuntu and Linux Mint, members of the “sudo” group are given sudo access.
Adding user to the sudoers file.
The sudo rights of users and groups are defined in the /etc/sudoers file. Adding a user to this file allows you to provide custom command access and customize custom security policies.
You can configure sudo user access by modifying the sudoers file or by creating a new configuration file in the /etc/sudoers.d directory. The files inside this directory are included in the sudoers file.
Always use visudo to edit the /etc/sudoers file. This command checks the file for syntax errors when it is saved. If there are errors, the file is not saved. If you open the file in a text editor, a syntax error can result in loss of sudo access.
Visudo usually uses vim to open the /etc/sudoers file.
Let’s say you want to allow the user to run sudo commands without prompting for a password. To do this, open the /etc/sudoers file as root:
visudo
Scroll down to the bottom of the file and add the following line:
username ALL=(ALL) NOPASSWD:ALL
To save the file and exit the editor at the same time, press Esc to switch to normal mode, type :wq! and press Enter. Remember to change “username” to the name of the user you want to grant access to.
Adding a user to a sudo group
On Ubuntu, the easiest way to grant a user sudo privileges is to add the user to the “sudo” group. Users of this group can run any command as root using sudo and be prompted to authenticate with their password when using sudo.
We assume that the user already exists.
To add a user to the group, run the command below as root or another sudo user. Make sure you change “username” to the name of the user you want to grant permissions to.
usermod -aG sudo username
Granting sudo access using this method is sufficient for most use cases.
To verify that the user has sudo privileges, relog in and run whoami:
sudo whoami
You will be prompted for a password. If the user has sudo access, the command will print “root”. If you get the error “user is not in sudoers file”, it means that the user does not have sudo privileges.
CentOS
Log in with administrator credentials.
By default, CentOS 7 has a user group called “wheel”. Members of the wheel group are automatically given sudo privileges. Adding a user to this group is a quick and easy way to grant the user sudo rights.
Open the configuration file by entering the command:
visudo
Scroll through the config file until you see the following entry:
## Allows people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
If the second line starts with a # sign, it is disabled and marked as a comment. Just remove the # sign at the beginning of the second line so it looks like this:
%wheel ALL=(ALL) ALL
Then save the file and exit the editor.
To add a user to the wheel group, use the command:
usermod –aG wheel username
Remember to change “username” to the name of the user you want to grant access to.
Adding user to the sudoers file.
Run the following command in terminal:
visudo
This will open the /etc /sudoers file in a text editor.
Scroll down to find the following section:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
Add the following text immediately after this entry:
username ALL=(ALL) ALL
Remember to change “username” to the name of the user you want to grant access to.
To save the file and exit the editor at the same time, press Esc to switch to normal mode, type :wq! and press Enter.
