How to add Users to Sudoers File in Ubuntu
SUDO is a command-line program that allows trusted users to execute commands as root or another user.
sudo allows you to run a Unix command as a different user. Using /etc/sudoers file to confirm what privileges are available to you, this command effectively elevates your access rights, thus allowing you to run commands and access files that would otherwise be not available to you.
How sudo command works
The sudoers file is a text file that lives at “/etc/sudoers.” It controls how sudo works on your machine. You are probably familiar with sudo’s primary role of elevating your current account’s privileges to root, the superuser on all Unix-based systems.
The real and effective user id (uid) and group id (gid) are set to match those of the target user as specified in /etc/sudoers file (the safest way to change this file is to use the visudo command — check out the visudo tutorial). The way you use sudo is simple enough: you run this command and specify a command-line you’d like to run with the privileges of a different user. Before the requested command is run, you are asked to confirm your identify by providing your user password.
The sudoers file is located at /etc/sudoers . And you should not edit it directly, you need to use the visudo command.
VISUDO
Now mainly the VISUDO file is used for adding the users in sudoers file.
visudo is a tool for safely updating the /etc/sudoers file, found in most Linux systems (Ubuntu for example). This is the file that is required for allowing regular users to run commands with superuser privileges — using sudo command.
Here’s what the Ubuntu man page says about it, I think it’s a great summary:
visudo edits the sudoers file in a safe fashion, analogous to vipw. visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the sudoers file is currently being edited you will receive a message to try again later.
Attention: due to the sensitive content of the /etc/sudoers file, you can only run visudo as root.
Using visudo to edit the /etc/sudoers
This is the default behavior of the visudo command: simply run it without any parameters, and it will open the contents of the /etc/sudoers file in a vi editor, allow you to edit it, and will then apply the changes.
The reason I’m highlighting the fact of applying the changes is because vi session will not be editing the actual /etc/sudoers file, but a temporary copy of it created by visudo. After you make the changes and exit the vi, visudo will do the syntax checks on the file before replacing the actual /etc/sudoers file.
Hint: if you’re using a different text editor, you can easily override it by setting the EDITOR variable in your shell, visudo is intelligent enough to respect it and use the specified editor.
Using visudo to check the /etc/sudoers syntax
Sometimes you don’t want to update the file using this command but would like to verify that the syntax of /etc/sudoers is correct. That’s when the -c option for visudo comes in:
root@ubuntu:~$ visudo -c
/etc/sudoers file parsed OKWe are going to use visudo file to add users to that file.
visudo is a special tool in Unix/Linux for safely updating the /etc/sudoers file, used by the sudo command for providing and managing privileged access.
for safely updating the /etc/sudoers file, found in most Linux systems (Ubuntu for example).
Since /etc/sudoers file defines rules for (sometimes passwordless) access to privileged access, you can only run visudo as root.
root@ubuntu:~$ /usr/sbin/visudo
visudo: /etc/sudoers: Permission deniedHow visudo command works
You don’t need to specify any command line options. Just become root and run the command. You’ll be shown your default text editor window with the /etc/sudoers file.
Just run the below command:
root@ubuntu:~$ /usr/sbin/visudoAfter running this above command you will get the below file, in this just add users.
You can see “User privilege specification”, the only root is added there down to root line you can add many users as same as root.
Like:
root ALL=(ALL:ALL) ALL
farzana ALL=(ALL:ALL) ALL
After adding users in visudo file “ctlr+x” and enter “y”it will save the visudo file. Now you can use Sudo. Like installing libraries, updating, etc.
If you inspect the screenshot carefully, you’ll notice the first important reason visudo command is so useful: it doesn’t edit the /etc/sudoers file directly. Instead, it makes a copy of it, called /etc/sudoers.tmp, and allows you to edit it. This means that if something happens to your editing session (server crashes, power goes, connection to the remote server gets broken), there is no risk of leaving your server in a random security state /etc/sudoers wise.
Once you finish editing, visudo will perform a number of checks on the resulting /etc/sudoers.tmp file before appying its changes into /etc/sudoers file. If an issue is found, you’ll get the message about it after you save the file and exit your text editor:
root@ubuntu:~$ visudo
>>> /etc/sudoers: syntax error near line 11 <<<
What now?Just press Enter to see the options:
Options are:
(e)dit sudoers file again
e(x)it without saving changes to sudoers file
(Q)uit and save changes to sudoers file (DANGER!)What now?
Most likely you’ll want to press e to continue editing the file. But if you can’t find what’s wrong (it may well be that /etc/sudoers was broken by someone else before you, because — you guessed it — they edited file manually instead of using visudo) — if that’s the case, you may just press x to exit and to investigate the /etc/sudoers file more.
Conclusion:
Granting sudo access to a user in Ubuntu is a simple task, all you have to do is to add the users to the “visudo” file.
References:
I hope this article helped you. Please leave comments/suggestions below!
