Home » Linux » Configuring root privileges for users with sudo

Configuring root privileges for users with sudo

Update on:
Apr 28, 2021

The Ubuntu Desktop or Server is installed with default root user; even on a cloud, you will get preinstalled Ubuntu server with an inbuilt root user. This account has full administrative access to perform administrative tasks. But sometimes, you need a different user account with root privileges or may be fewer privileges access. The user can use the sudo command with any command to get extra privileges.

This tutorial shows how to grant or provide sudo privileges to a newly created user.

Getting ready

You will need a root account or an account with root privileges.

How to do it…

Follow these steps to get the root privileges with sudo:

Add new user if required:

[et_pb_dmb_code_snippet code=”JCBzdWRvIGFkZHVzZXIgam9obg==” _builder_version=”4.9.4″ _module_preset=”3a2d4e4b-f2ae-4571-a284-ca584312491f” hover_enabled=”0″ sticky_enabled=”0″]JCBzdWRvIGFkZHVzZXIgam9obg==[/et_pb_dmb_code_snippet]

Make john a member of sudo group with the following command:

[et_pb_dmb_code_snippet code=”JCBzdWRvIGFkZHVzZXIgdXNlcm5hbWUgc3Vkbw==” _builder_version=”4.9.4″ _module_preset=”3a2d4e4b-f2ae-4571-a284-ca584312491f” hover_enabled=”0″ sticky_enabled=”0″]JCBzdWRvIGFkZHVzZXIgdXNlcm5hbWUgc3Vkbw==[/et_pb_dmb_code_snippet]

How it works…

All sudo access rules are configured in a file located at /etc/sudoers. This file contains a list of users and groups that are allowed to use the sudo command:

[et_pb_dmb_code_snippet title=”/etc/sudoers” code=”YWxhbiBBTEw9KEFMTDpBTEwpQUxMIC8vIGFsbG93IHN1ZG8gYWNjZXNzIHRvIHVzZXIgYWxhbgolc3VkbyAgQUxMPShBTEwpICBBTEwgLy8gYWxsb3cgc3VkbyBhY2Nlc3MgdG8gbWVtYmVycyBvZiBzdWRv” _builder_version=”4.9.4″ _module_preset=”369a0a83-f997-4079-bcdc-749886c9e1c7″ hover_enabled=”0″ sticky_enabled=”0″]YWxhbiBBTEw9KEFMTDpBTEwpQUxMIC8vIGFsbG93IHN1ZG8gYWNjZXNzIHRvIHVzZXIgYWxhbgolc3VkbyAgQUxMPShBTEwpICBBTEwgLy8gYWxsb3cgc3VkbyBhY2Nlc3MgdG8gbWVtYmVycyBvZiBzdWRv[/et_pb_dmb_code_snippet]

The line "satish ALL=(ALL:ALL) ALL" defines the user “satish” with sudo privileges, which means new user satish can run any command like any other user.

The line %sudo ALL=(ALL) ALL defines that any member of system’s group sudo can run any command as any user.

We have to add a new user to the group sudo, and that user will automatically get sudo privileges. After getting the sudo group membership, the user needs to log out and log back in for the changes to take effect. To effect new privileges for the user need to be restart the shell. Optionally, you have always option to go and change the sudoers file as per requirements and specific condition.


Make sure that you use the visudo tool to make any changes to sudoers file.

Here, we will show you how to set a password-less sudo access and some extra benefits of sudo.

Setting password less sudo Privileges

sudo is very simple and useful to use temporary root privileges, but the only thing is you need to enter the password whenever you use sudo. This will create a problem for users who are set with no password. But you can solve this problem by setting the NOPASSWD flag in the setting using the sudoers file.

Open the sudoers file with the visudo command:

[et_pb_dmb_code_snippet code=”JHN1ZG8gdmlzdWRv” _builder_version=”4.9.4″ _module_preset=”3a2d4e4b-f2ae-4571-a284-ca584312491f” hover_enabled=”0″ sticky_enabled=”0″]JHN1ZG8gdmlzdWRv[/et_pb_dmb_code_snippet]

Select the line for user or group you want to allow password-less sudo access.

Add NOPASSWD after closing the bracket:

[et_pb_dmb_code_snippet title=”/etc/sudoers” code=”JXN1ZG8gICBBTEw9KEFMTDpBTEwpIE5PUEFTU1dEOiBBTEw=” _builder_version=”4.9.4″ _module_preset=”369a0a83-f997-4079-bcdc-749886c9e1c7″ hover_enabled=”0″ sticky_enabled=”0″]JXN1ZG8gICBBTEw9KEFMTDpBTEwpIE5PUEFTU1dEOiBBTEw=[/et_pb_dmb_code_snippet]

Press Ctrl + O and then confirm with the Enter key to save the changes.

Press Ctrl + X to exit visudo.

After doing the above configuration, a user of the group sudo can use the sudo command without entering a password. You can also use a similar setting to a specific user for providing password-less access.

The sudoers program use cache authentication for small-time generally, it is for 15 minutes. When reusing the authentication within timeout, you will notice the terminal will not ask password again, and it works like password-less sudo without setting the NO PASSWORD flag.

Other uses of sudo

In addition to running a single command with sudo, you might want to execute a list of commands with the sudo privileges. Then, you can open a shell with root access (# prompt) with the command $sudo -s. The shell environment remains same as original user, but now you can execute commands as a root user.

Alternatively, you can switch user to root with the command $sudo su -. This command will open a new shell as a root user.

Related Posts

Creating a lame utility HTTP server in Linux Operating System

In this article, we will discuss the cURL tool in Linux. The cURL tool is used for transferring the data from or to a server. It supports many protocols, and http is one of them. cURL is used to transfer the data from URL. It has so many tricks to offer, such as http...

Finding binary dependencies in Linux Operating System

In this article, we are going to check the executable. We will find out which string is present in it by using the string command.PrerequisitesBesides having a terminal open, make sure you have a binary present in your directory.Find dependencies First, we...

Capturing network traffic headlessly in Linux Operating System

In this article, we are going to learn how to capture traffic. We are going to capture network traffic with a packet sniffer tool called tcpdump. This tool is used to filter or capture TCP/IP packets that are transferred or received over a network.PrerequisitesBesides...

Follow Us

Our Communities

More on Linux

The Ultimate Managed Hosting Platform
Load WordPress Sites in as fast as 37ms!



Submit a Comment

Your email address will not be published.

seven + 19 =