≡ Menu

How to allow a user to sudo?

The question – How to enable sudo access for a user on my Linux box?

The command sudo allows a user to run commands as the super user (root). The advantage of this command is that you are adding a layer of indirection to running commands as super user. The alternative is to allow SSH sessions or local logins as root, which is very risky. If you login as root and type in a misspelled command, it could potentially wipe our your entire file system. Instead, if you use sudo, the chances of that happening are less.

SUDO access can be granted to any user listed in the following file:

/etc/sudoers

To check which users already have sudo access, run the following command on the SSH shell:

root@server [/etc]# grep -i \(ALL\) /etc/sudoers
root ALL=(ALL) ALL
# %wheel ALL=(ALL) ALL
# %wheel ALL=(ALL) NOPASSWD: ALL
root@server [/etc]#

The above sudoers file shows that only root has permission to sudo, which is strange, but thats what the file says.

To enable sudo access for a user, you need to add a line to the sudoers file. For example, to add sudo access to the user ewhathow, add the following line to the sudoers file:

ewhathow ALL=(ALL) ALL

This will grant access to the user ewhathow and the user will be able to run all commands through sudo.

To grant access to only a few commands, you can add something like the following to the file:

ewhathow ALL=(ALL) /bin/ps

This will grant the user ewhathow permission to run only the command ps (process list) through sudo.

Another way to add a user to the sudoers list is to create a group and add the user to the group.

Add the following line to the sudoers file:

%wheel ALL=(ALL) ALL

This will grant access to run ALL commands through sudo to the group wheel. Now to add a user to the wheel group, run the following command:

usermod -aG wheel ewhathow

The above command will add the user ewhathow to the group wheel. The group wheel will be a secondary group for the user.

Comments on this entry are closed.