Terminus by Warp
How to Add a User to Sudoers
Terminus by
Table of Contents

Using usermod

In Ubuntu or Debian

In CentOS or Fedora

Verify Changes

Using Sudoers File

Adding a Group to Sudoers

Using visudo

Topics
Featured

How to Add a User to Sudoers

Razvan Ludosanu
Razvan Ludosanu
Founder, learnbackend.dev
Linux
Unix

On Unix and Linux, the superuser account, also known as root, admin, or supervisor, is a special user account capable of making unrestricted, system-wide changes. It is mostly used for system administration tasks such as changing the ownership of files or binding network ports. However, it is sometimes necessary to allow standard user accounts to perform some of these sensitive actions, by granting them elevated privileges and access through the use of the [.inline-code]sudo[.inline-code] command.

In this article, we'll cover two methods for adding a user, or a group of users, to the sudoers list.

[#using-usermod]Add user to sudoers with the [.inline-code]usermod[.inline-code] command[#using-usermod]

In Linux, a group is a collection of accounts that can be given special or elevated permissions on the system. For example, a group can be given read permission on a file and another group read and write permissions on the same file.

To add a user account to a group, we can use the [.inline-code]usermod[.inline-code] command that essentially allows us to modify an existing account.

 $ usermod -a -G

Where:

  • The [.inline-code]-a[.inline-code] flag (short for append) is used to specify that we want to add a group to the specified user.
  • The [.inline-code]-G[.inline-code] flag (short for groups) is used to specify which group we want to add.

Since most Linux distributions have a special group for sudoers, the easiest way to grant superuser privileges to a user account is to add it to this group.

[#in-ubuntu-or-debian]Add users to sudoers in Ubuntu or Debian[#in-ubuntu-or-debian]

On Ubuntu and Debian, this group is named [.inline-code]sudo[.inline-code].

 $ sudo usermod -a -G sudo

[#in-centos-or-fedora]Add users to sudoers in CentOS or Fedora[#in-centos-or-fedora]

On CentOS and Fedora, this group is named [.inline-code]wheel[.inline-code].

 $ sudo usermod -a -G wheel

[#verify-changes]Check whether adding users to sudoers was successful[#verify-changes]

To verify that a user was successfully added to the sudoers group, we can display the content of the [.inline-code]/etc/group[.inline-code] file using the [.inline-code]cat[.inline-code] command, which contains the list of groups (and their users) registered on the system.

[#using-sudoers-file]Add users to sudoers using the sudoers file[#using-sudoers-file]

In *nix systems, user accounts and groups with sudo privileges are stored into the [.inline-code]/etc/sudoers[.inline-code] file (sometimes called the “sudo file”), which contains a list of instructions called privilege lines, that can be edited to grant customized access to commands a user or a group can execute, or configure custom security policies.

The general syntax for a privilege line is the following:

 user on_host=(as_user:as_group) allowed_commands

Which can be roughly translated to "who where=(whom) what".

For example, the following line can be read as "the root user can run any command as any user from any group on any host."

 root ALL=(ALL:ALL) ALL

And this line can be read as "the admin user can run the mkdir command as the root user on any host".

 admin ALL=(root) /usr/bin/mkdir

[#adding-a-group-to-sudoers]Adding a group to sudoers[#adding-a-group-to-sudoers]

The sudoers file also allows us to grant superuser privileges to an entire group of users by specifying the group name prefixed with a percentage character ([.inline-code]%[.inline-code]).

 %group on_host=(as_user:as_group) allowed_commands

[#using-visudo]Use [.inline-code]visudo[.inline-code] to safely modify the sudoers file[#using-visudo]

Because of the sensitive nature of its content, it is highly recommended to only open it using the [.inline-code]visudo[.inline-code] utility — which uses the [.inline-code]vim[.inline-code] text editor under the hood — as it will automatically check for syntax errors before the file is saved, preventing us from ending up with a broken system where it is impossible to obtain elevated privileges.

 $ visudo

Note that if you are not particularly experienced with [.inline-code]vim[.inline-code], you can always change the default editor using the following syntax.

 $ EDITOR= visudo

Written by

Razvan Ludosanu
Razvan Ludosanu
Founder, learnbackend.dev

Filed under

Linux
Unix
Warp terminus dashboard
meet Warp

Your terminal, reimagined.

Warp is a modern, Rust-based terminal with AI built in so you and your team can build great software, faster.

Download App
or learn more
Learn more
Learn more

Related Articles

Create Files In Linux

Learn how to create regular files in Linux using command line interface commands like touch, echo, cat, printf, and in-terminal text editors like Vim.

Linux

List Users In Linux

Learn how to list users and groups in Linux.

Linux

Edit Files in Linux

Learn how to edit files in Linux using command-line file editors such as Vim, Nano, and Emacs, the output redirection operator, and the sed command.

Linux

Change User Passwords In Linux

Learn how to change, manage and generate user passwords in Linux using the passwd, chpasswd, chage and openssl commands.

Linux

Create User In Linux

Learn to create and configure user accounts in Linux in interactive and non-interactive mode using the useradd and adduser commands.

Linux

How To Unzip A tar.gz File

Learn how to unzip a tar.gz file on Linux, macOS, and Windows.

Linux

How To Filter The Output of Commands

Learn how to filter and format the output of commands and logs using the grep, awk, uniq, head, and tail commands.

Linux
Grep

Create Directories Recursively With mkdir

Learn how to recursively create nested directories using the mkdir command, Bash scripts, and Python scripts.

Unix
Linux

How to Download Files With curl And wget

Learn how to start and resume the download of files via the HTTP and FTP protocols using the curl and wget commands.

Linux
Unix

How To Copy A Directory In Linux

Learn how to copy directories and their content in Linux using the cp command with options like -r for recursive copying, -i for interactive mode, and -a for preserving attributes.

Linux

Upload Files With curl

Learn how to upload a file to FTP, SFTP servers, Artifactory, and AWS S3 using the curl command.

Linux
Unix

Ignoring SSL Certificate Issues with cURL

Discover how to bypass SSL certificate verification in cURL for HTTPS endpoints, addressing both direct requests and those via proxies. We will also see how this could be handled both in the terminal and system-wide via the `.curlrc` file

Linux
Unix

Experience the power of Warp

  • Write with an IDE-style editor
  • Easily navigate through output
  • Save commands to reuse later
  • Ask Warp AI to explain or debug
  • Customize keybindings and launch configs
  • Pick from preloaded themes or design your own
Download now
brew install --cask warp
Copied!
Download now
Or download for Linux today / Join the Windows waitlist
Join the Windows waitlist:
Success! You will receive an email from Warp when the release is available to download.
Oops! Something went wrong while submitting the form.
Or download for Mac or Linux today
Join the Linux waitlist:
Success! You will receive an email from Warp when the release is available to download.
Oops! Something went wrong while submitting the form.
Or download for Mac today / join the Windows waitlist
Join the Linux waitlist or join the Windows waitlist
Join the Windows waitlist:
Success! You will receive an email from Warp when the release is available to download.
Oops! Something went wrong while submitting the form.
Or download for Mac or Linux today
Linux
Unix
Razvan Ludosanu