How to Add a User to Sudoers in Ubuntu
You give a user sudo access in Ubuntu by granting them permission to run commands with administrator power, like the system’s main administrator (the root user).
The sudo command lets authorized users run specific commands with administrator privileges, which is essential for making system changes.
In Ubuntu, you usually add users to the built-in sudo group to grant them access. This is a common way to give someone sudo privileges.
For more control, you can also edit the /etc/sudoers file directly to define exactly which commands they can run with sudo.
Add a user to the ‘sudo’ group using the command `sudo usermod -aG sudo username`. This grants them administrator privileges to run commands as root. The user must log out and back in for the change to take effect.
Quick Reference
| Task | Command |
|---|---|
| Add user to sudo group | sudo usermod -aG sudo username |
| Check user groups | groups username |
| See user’s sudo permissions | sudo -l -U username |
| Edit sudoers file safely | sudo visudo |
| Create sudoers file for user | sudo visudo -f /etc/sudoers.d/username |
| Test sudo access | sudo whoami |
1Add User to the sudo Group (Easiest Way)
Adding an Ubuntu user to the sudoers list grants administrator privileges. This action adds the user to the 'sudo' group. Membership in the 'sudo' group allows users to run computer commands with administrator power. This administrator power enables users to make system-wide changes.
Step 1: Open the terminal.
Step 2: Run this command, replacing username with the actual user’s name:
sudo usermod -aG sudo usernameStep 3: The user needs to log out and log back in for the change to take effect. Alternatively, they can start a new login shell:
su - usernameCheck the User’s Groups
To confirm the user is in the sudo group, run this command:
groups usernameYou should see the user’s name listed.
Test sudo Access
Switch to the user (if you’re not already) and run:
sudo whoamiIf it asks for a password and then shows root, sudo is working!
2Give User Custom sudo Permissions (Using sudoers File)
Sometimes you want to control exactly what commands a user can run with sudo. That’s when you edit the /etc/sudoers file.
visudo. It checks for mistakes before saving to prevent breaking sudo access.Open sudoers File Safely
In the terminal, run:
sudo visudoThis command opens the sudoers file in the default editor.
If you prefer the nano editor (which many users find more intuitive), run:
sudo EDITOR=nano visudoGive Full sudo Access to a User
At the bottom of the file, add this line, replacing username with the actual user:
The added user gains the ability to run any command as the superuser using the `sudo` command. When the user executes a command with `sudo`, the system will prompt for the added user's password for verification, which is a security measure.
Allow User to Run sudo Without Password
Granting a user passwordless sudo access in Ubuntu requires changing the sudoers file. Administrators must add the `NOPASSWD: ALL` rule to the user's entry in the sudoers file. This change lets the user run any command with administrator rights without needing a password, speeding up repeated jobs.
username ALL=(ALL:ALL) NOPASSWD: /bin/mkdir, /bin/rmdirOr, to require a password for specific commands like apt and systemctl:
username ALL=(ALL:ALL) /usr/bin/apt, /usr/bin/systemctlUse the /etc/sudoers.d Folder for User Rules
Managing sudo rules for individual users in Ubuntu is cleaner and safer by using the /etc/sudoers.d folder, which lets you create separate files for each user’s permissions.
To create a file for a user, run:
sudo visudo -f /etc/sudoers.d/usernameThen add your rules inside, for example:
username ALL=(ALL:ALL) NOPASSWD:ALLTip: The file name should not contain dots (.) or end with a tilde (~), or sudo will ignore it.
See What sudo Permissions a User Has
To check what commands a user can run with sudo, run this:
sudo -l -U usernameThis shows a list of allowed and forbidden commands for that user.
Summary
- Easy method: Add users to the
sudogroup to give full sudo access. - Control access: Edit the sudoers file or add files in
/etc/sudoers.dfor custom permissions. - Always use
visudo: It prevents mistakes that could lock you out. - Be careful with passwordless sudo: It can make your system less safe.
- Check sudo permissions regularly: Use
sudo -l -U usernameto verify.
To manage sudo permissions in Ubuntu, you can add users to the ‘sudo’ group for full access, or use the /etc/sudoers.d folder for custom rules on specific commands.
Was this guide helpful?
About the Author
Richard
Tech Writer, IT Professional
Richard, a writer for Geek Rewind, is a tech enthusiast who loves breaking down complex IT topics into simple, easy-to-understand ideas. With years of hands-on experience in system administration and enterprise IT operations, he’s developed a knack for offering practical tips and solutions. Richard aims to make technology more accessible and actionable. He's deeply committed to the Geek Rewind community, always ready to answer questions and engage in discussions.
No comments yet — be the first to share your thoughts!