The Ubuntu Desktop or Server is installed with default root user; even on a cloud, you will get preinstalled Ubuntu server with an inbuilt
root user. This account has full administrative access to perform administrative tasks. But sometimes, you need a different user account with
root privileges or may be fewer privileges access. The user can use the
sudo command with any command to get extra privileges.
This tutorial shows how to grant or provide
sudo privileges to a newly created user.
How to do it…
Follow these steps to get the root privileges with
Add new user if required:
$ sudo adduser john
john a member of
sudo group with the following command:
$ sudo adduser username sudo
How it works…
sudo access rules are configured in a file located at
/etc/sudoers. This file contains a list of users and groups that are allowed to use the
alan ALL=(ALL:ALL)ALL // allow sudo access to user alan %sudo ALL=(ALL) ALL // allow sudo access to members of sudo
"satish ALL=(ALL:ALL) ALL" defines the user “satish” with
sudo privileges, which means new user satish can run any command like any other user.
%sudo ALL=(ALL) ALL defines that any member of system’s group sudo can run any command as any user.
We have to add a new user to the group sudo, and that user will automatically get
sudo privileges. After getting the sudo group membership, the user needs to log out and log back in for the changes to take effect. To effect new privileges for the user need to be restart the shell. Optionally, you have always option to go and change the sudoers file as per requirements and specific condition.
Make sure that you use the
visudo tool to make any changes to
Setting password less sudo Privileges
sudo is very simple and useful to use temporary
root privileges, but the only thing is you need to enter the password whenever you use
sudo. This will create a problem for users who are set with no password. But you can solve this problem by setting the
NOPASSWD flag in the setting using the
sudoers file with the
Select the line for user or group you want to allow password-less
NOPASSWD after closing the bracket:
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
Press + and then confirm with the key to save the changes.
visudo. + to exit
After doing the above configuration, a user of the group sudo can use the sudo command without entering a password. You can also use a similar setting to a specific user for providing password-less access.
The sudoers program use cache authentication for small-time generally, it is for 15 minutes. When reusing the authentication within timeout, you will notice the terminal will not ask password again, and it works like password-less sudo without setting the NO PASSWORD flag.
Other uses of sudo
In addition to running a single command with
sudo, you might want to execute a list of commands with the
sudo privileges. Then, you can open a shell with root access (
# prompt) with the command
$sudo -s. The shell environment remains same as original user, but now you can execute commands as a root user.
Alternatively, you can switch user to root with the command
$sudo su -. This command will open a new shell as a root user.