Grant User Sudo Access (Add to Sudoers File or Wheel Group)
n Linux operating system, most of the users log in as standard user or normal user. But occasionally, one has to have administrator or root privileges in order to perform certain administrative tasks. Normally administrative privileges are only available for root users, however through sudo command, Linux user can be granted administrator privileges without having to login to root account.
In order to grant administrator privileges to non-root users temporarily by ad-hoc basis, Linux users can use the sudo command. To allow an user to have sudo access in Linux, the user account has to be added to sudoers file. Follow the guide below to configure sudo for an user account in Linux operating system such as CentOS, RedHat Enterprise Linux, Ubuntu, and etc.
If you’re attempting to sudo without adding the account to sudoers, you will get the following error message:
username is not in the sudoers file. This incident will be reported.
- Login to Linux OS as root, or a user account with sudo access.
- Install sudo if it’s not yet installed (most major Linux distributions have sudo installed by default):
apt-get install sudo
For RPM-based Linux:
yum install sudo
- Edit the sudo configuration file, sudoers, with visudo:
- Search for the following line:
root ALL=(ALL) ALL
- Below the line, add the user name that you want to grant sudo administrator privileges, in the same format as the root’s line. For example (replace tjuser with actual user name):
tjuser ALL=(ALL) ALL
To add text, press Insert or I key to enter editing mode. When finishing editing the text, press Esc key to exit from editing mode.
- Save the file and exit from visudo by typing:
- You can now login with the standard user account that added to sudoers and use sudo command to gain root privileges.
Linux also has a group called wheel that is normally given sudo permissions by default. Thus, it’s also possible to add a user account to wheel group in order to grant it the sudo access.
Ensure that sudoers, the sudo configuration file, has enabled the setting to allow people in the group wheel to run all commands. To enable, one of the following line should be uncommented (turned on):
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
Use the following command to add the user to the wheel group:
usermod -aG wheel tjuser
Replace tjuser with actual user name.
You can test the sudo access of user account by switching to that user account directly with the following command (replace tjuser with actual user name):
sudo - tjuser
Then, try out the sudo access by prepending sudo before the actual command to run, or simply run the following command:
Enter the password for the user account. If the user has proper sudo access, you should get # sign for the shell.