How to Add Sudo Users in Ubuntu

1. Add User to the sudo Group
2. Add User to the sudoers File

We can execute specific commands only as a root user using the sudo command. The root users are also known as sudo users. We can add sudo users in Ubuntu by adding the user to the sudo group or adding the user to the files inside /etc/sudoers directory.

Add User to the sudo Group

Supose you have a user who is not a sudo user. To add the user to the sudo group, we run the following command as an exisiting superuser:

usermod -aG sudo username

Here, username is the user’s name that needs to be added to the sudo group.

usermod -aG sudo zeppy

It adds the zeppy to sudo group.

We use the whoami command to confirm if the user has been added to sudo.

sudo whoami

This command prompts us for a password and if the password is correct and the user is in the sudo group, root will be printed in the terminal.

Output:

root

If the user is not in the sudo group, we will get an error saying user is not in the sudoers file.

Add User to the sudoers File

The sudo users are listed in the /etc/sudoers file. We can add sudo users by modifying the sudoers file or by adding a new configuration file in the /etc/sudoers.d directory.

We use visudo command to edit /etc/sudoers file using the vim editor. The visudo command checks for syntax errors in the file before saving.

We use the following command to use nano editor to edit the /etc/sudoers file.

EDITOR=nano visudo

If we wish to permit the users to run sudo commands without being prompted for a password, we open the /etc/sudoers file using the below command:

visudo

If it gives an error saying permission denied, try the following command:

sudo visudo

Now /etc/sudo file will be opened, and we need to go the end of the file and add the following line:

username ALL=(ALL) NOPASSWD:ALL

Here, username is the name of the user that we give permission to.

We need to save the file before exiting from the editor.

We can also permit the user to perform only certain commands without a password.

zeppy ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir

This enables zeppy to execute the commands /bin/mkdir and /bin/rmdir without password.

We can also enable the permissions to the user to be able to run commands by creating configuration files in the /etc/sudoers.d directory.

Now we must add the same content in the files as we added in the /etc/sudo file.

zeppy ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir

It enables zeppy to execute the commands /bin/mkdir and /bin/rmdir without password.

This method’s advantage is that it makes things more managed as we can create a separate file with every user’s filename.