Adding users to Sudoers file in Linux is really easy. You can do it either by manually editing the file or with the use of the usermod command. Either of the methods is fine, the latter being more “clean”. In this tutorial, we’ll go over both the methods in a step-by-step manner.
Note: To add a user to the sudoers file or sudo group, you need a user with elevated privileges.
Steps for Adding Users to Sudoers
Let’s go over the first method which is manually adding the user to the sudoers file. For this, you’ll need a text editor and a user with sudo or root privileges.
If a user you’re working with isn’t added to the sudoers file, you’ll see this message. I’ve created a user for demonstrating within the entire tutorial.
1. Adding Users to Sudoers File Manually
Adding the user to the sudoers file is very easy. All you do is open the /etc/sudoers file and add the username to the list. If you haven’t already read through our tutorial explaining the sudo command and the sudoers file in detail.
Let’s first open the file:
We use the visudo command since it performs sanity checks before the file is saved so as to avoid breaking the sudoers file. Traditionally, the visudo command uses the vi editor. But on Ubuntu, the default editor is changed to nano.
You should still be good if you use any other editor of your choice, as long as you don’t go overboard and change a lot of things that you do not know the formatting for. You’ll see contents within the file similar to the screenshot below.
The place where you see
root ALL=(ALL:ALL) ALL, that’s where we’ll be amending our user name. In my case, I want to add the user “lfd” to the sudoers. I’ll add the following line just below the root line.
lfd ALL=(ALL:ALL) ALL
As you can see in the below image, our lfd user is now sudo-capable! Awesome!
Now let’s move on to the cleaner method of using usermod.
2. Adding sudo Users With usermod Command
Editing the sudoers file is not the “cleanest” way of doing things when we have a utility created for helping us perform those actions. The usermod command allows us to add/edit groups that a user is in.
For adding users to sudoers with the usermod command, we simply need to add the user to the sudo group. Let’s see how we can perform the same.
sudo usermod -a -G sudo <username>
- -a Amend the changes to the existing configuration
- -G The name of the group the user should be added to
- <username> The username of the user that needs to be modified
For this demonstration, I deleted the line from the sudoers file so our user is back to non-sudo. In the below image, I’ve added the user to the sudo group.
Now when the user logs in for the first time after this new group is added, they’ll get a message like the one below notifying them of the change in privileges. You now know both the ways of adding users to sudoers! Great job.
Why Do We Need sudo?
This is a common question among new users who’ve been using Windows and have recently switched to Linux. In Windows, we’re used to logging into the administrator account and using things directly as an administrator.
User Access Control (UAC) was introduced in Windows because staying logged in as an Administrator posed a very obvious security risk. The fact that any software running under the user has full privileges to perform any action on the system. With UAC, most applications run with limited access and only when a system file needs to be modified, Windows prompts the user asking for permission.
This is exactly why we need sudo and root users to be different. If you use root as your user regularly, you’ll be exposing yourself to the risk of giving a malicious application full access to your system. As a root user, you can perform
rm -rf / and delete the entire system without any obstacles. And that’s more than enough to give you an idea of how devastating root access in the wrong hands can be.
So unless you really need to, there’s no point in using the root account. UAC is like sudo, where you only escalate privileges when you need to, and at other times, you stay put with limited access.
We hope that this tutorial has helped you understand the process of adding users to sudoers in Linux and if you’ve followed through, you probably have added your user to the sudo group too.