How To Setup A User Or Group With sudo Privileges On Ubuntu

In this tutorial we walk through setting up two users with sudo access. The first example we will just add a single user. In the second example we will create a group, configure the group sudo permissions and then add the user to the group. The second method allows us to scale quickly for new users that will need sudo access.

If you are not familiar with what sudo is, it allows a user to run a command with root / admin privileges.

 

 

Setup a single user with sudo access:


 

In this example we will keep things simple and just setup a single user named tony with sudo access.

Note: You will need to be logged in as a user with sudo access to complete the following commands.

sudo visudo

Note: visudo is one word.

 

 

Edit the sudo config file with the sudo visudo command

 

 

 

Basically what this is doing is editing the /etc/sudoers file. If you edit the file directly you could run into some issues. That is why you use the visudo command.

Scroll down until you find User privilege specification

 

 

Scroll down until you find the section that says User privileg specification

 

 

Under root ALL=(ALL:ALL) ALL enter the user name followed by ALL=(ALL:ALL) ALL . In this example I am adding the user tony.

 

 

Add your user

 

Now that we have made are changes we just need to save the file. Since by default ubuntu text editor is nano we will need to use CTRL + X keyboard shortcut to exit out.

Now hit CTRL + x

Enter Y to save the file

 

 

Enter Y to confirm saving changes

 

 

Delete .tmp off the end of the file name so it reads /etc/passwd

 

 

For the file name remove the .tmp off the end

 

 

Example of what it should look like

 

 

Enter Y to confirm overwriting the file

 

 

Confirm overwriting the file

 

 

Now just login with the user and test it out.

 

 

 

Setup a group with sudo access:


 

In this example we will create a group called mysudousers and setup the group to have sudo access. We will then add the user bob to the group.

Creating the group:

The first thing we will need to do is create a group. This can be done with the groupadd command.

sudo groupadd NEWGROUPNAME

So in this example of creating the group mysudousers

sudo groupadd mysudousers

 

 

Create your sudo group

 

 

You can confirm that the group was created by viewing the /etc/group file.

cat /etc/group

 

 

View the /etc/group file to confirm your new group was created

 

 

You can see at the bottom my new group has been added (mysudousers)

 

 

Notice at the bottom the new created group

 

 

 

 

Setting the group up with sudo access:

 

We will now want to add the group to the /etc/sudoers file using the visudo command.

sudo visudo

 

 

Edit the configuration of sudo /etc/sudoers

 

 

Scroll down until you find ALL members of group sudo to execute any command

 

 

Scroll down and find Allow members of group sudo to execute any command

 

 

Enter a percent sign and then your group name, followed by ALL=(ALL:ALL) ALL

Example:  %mysudousers ALL=(ALL:ALL) ALL

 

 

Add your group

 

 

Now that we have added the group we will need to save and overwite the /etc/sudoerfile.

Hit CTRL + X on your keyboard

Enter Y to save the file

 

 

Enter Y to confirm saving the file

 

 

Remove .tmp from the end of the path so it reads /etc/sudoers

 

 

Remove .tmp off the end of the file

 

Example of the .tmp removed

 

 

Enter Y to overwrite the file

 

 

Confirm overwriting the file

 

 

 

 

Add the user to the group:

 

Now we just need to add the users we want to have sudo access to the group. We will use the usermod command.

usermod -a -G GROUPNAME USERNAME

So in this example I am adding user bob to the group mysudousers

(Note: The G is capital)

usermod –a –G mysudousers bob

 

 

Add User to the created sudo group with the usermod command

 

 

We should be all set. Login as the user and test it out.

If you enjoyed this post, please share it on your favorite social network by clicking on the “Share / Save” bar below.