There are several tasks that can only be performed either by root users or users having sudo privileges. The sudo permissions allow the normal users to have root user access and execute the administrative functions or commands executed by root users only. The standard user can not perform sensitive administrative tasks; for example, adding or removing the users and groups or performing any root directory task.
This guide will explain the methods on how to give sudo permission to a user in Linux with these helping topics:
- Adding the User to Sudoers in Linux
- Bonus Tip: Remove a User From Sudoers
Adding the Users to Sudoers in Linux
We can add the existing and new users to sudoers by adding them to the sudoers group or /etc/sudoers file. This section will elaborate on the methods to add existing users to sudoers.
Method 1: Add User to Sudoers Group Using the usermod Command
To add existing or new users to Linux, follow this step-by-step guide.
Step 1: Add the User to the Sudoers Group in Linux
To provide the sudo permissions to the users, we can add them to the sudo group, which is already present in Linux distributions, such as Ubuntu, Redhat, and CentOS. While the new users can be created by running “sudo adduser <user-name>“.
In general, the user can be added to the sudoers group by the following command:
$ sudo usermod -aG sudo <user-name>
The above command’s details are as follows:
- usermod: The user mode commands can change the user privileges.
- a: It is utilized to append the user.
- G: It appends the user to the specified Group “sudo”.
- <user-name>: Put the desired username here.
For instance, to add the existing user named “testuser” to the sudo group, execute the below-stated command:
$ sudo usermod -aG sudo testuser
The error-free output shows that the testuser is added to the sudo group.
Step 2: Verify if the User is Added to Sudoers
To verify that the testuser is added to the sudo group, use the following groups command:
$ groups newuser
The output verifies that the testuser is successfully added to the sudo group.
Step 3: Test Sudo Access
To check that the testuser is provided with the sudo permissions, first, switch to the “testuser” via the command:
$ su - testuser
The output shows that we are switched to the testuser by looking at the username@hostname of the command prompt.
To verify that the testuser has sudo privileges, let’s access the root directory that requires the sudo permissions with the following command:
$ sudo ls /root
The root directory’s content is listed in the output that verifies that the testuser has sudo access.
Method 2: Add User to Sudoers File Manually
The /etc/sudoers is the default sudo file in Linux that shows the details about users with sudo permissions. The existing user can be added to that file to provide him the sudo privileges. For instance, to add the testuser to the sudoers file “/etc/sudoers”, follow the below steps:
Step 1: Open the Default Sudoers File
Let’s open the /etc/sudoers file with the nano editor by running the below-stated command:
$ sudo nano /etc/sudoers
The above interface will open up.
Step 2: Add the User to /etc/sudoers File
Navigate to the # User Privilege Specification section and add the below command to add the testuser:
Note: Use your desired username instead of testuser.
$ testuser ALL=(ALL:ALL) ALL
Press the “Ctrl + O” key to save and “Ctrl + X” to quit the file.
Step 3: Verify the Sudo Access
Let’s list the “root” directory contents which require the sudo privileges using the below command:
$ sudo ls /root
The output lists the root directory content, which verifies that the testuser has root privileges.
Bonus Tip: Remove a User From Sudoers
If you want to remove the sudo permissions from a user, you can use the gpasswd command’s “d” (delete) option. For instance, to remove the user named “testuser”, run the below-mentioned command:
$ sudo gpasswd -d testuser sudo
The output shows that the testuser has no sudo permissions now.
There are two methods to add the users to sudoers in Linux: adding the user to the sudo group or adding to the/etc/sudoers file. Both these methods are explained in a step-by-step procedure in this guide. Moreover, you have also learned the method to remove a user from the sudoers group.