In this guide, we are going to learn how to add users to sudo group in Linux. More often than not, you want, as a non-root user, to run commands with elevated privileges in Linux. So the only way this can happen is to give user sudo privileges by adding them to a sudo group or to sudoers file.<\/p>\n\n\n\n
A user can be given sudo privileges by being added to the So what is the difference between sudo\/wheel group and sudoers file?<\/p>\n\n\n\n The sudo\/wheel group has the privileges it has based on what is defined on the sudoers file. In sudoers file, you will see the lines below;<\/p>\n\n\n\n In Debian derivatives;<\/p>\n\n\n\n In RHEL derivatives;<\/p>\n\n\n\n NOTE that a group is prefixed with So based on the two lines above, sudoers security policy requires that users authenticate themselves before they can use sudo command.<\/p>\n\n\n\n However, a password is not required if the invoking user is root, if the target user is the same as the invoking user, or if the policy has disabled authentication for the user or command.<\/p>\n\n\n\n To add user to Where<\/p>\n\n\n\n For example, On Debian and its derivatives, to add a user called john to sudo group;<\/p>\n\n\n\n To confirm the groups of the user, use On RHEL and its derivatives like CentOS;<\/p>\n\n\n\n Well, you can explicitly give users sudo privileges by adding them to the sudoers file. A user whose privileges are defined in the sudoers file doesn’t necessarily have to be added to the sudo or wheel group.<\/p>\n\n\n\n To edit the sudoers file, use the To use vim as your editor, simply run;<\/p>\n\n\n\n Next, run visudo command. Note that you cannot edit the sudoers file as an ordinary user with no sudo privileges.<\/p>\n\n\n\n Once you open the sudoers file, you can give a user sudoers rights as follows.<\/p>\n\n\n\n For example, to enable the user This line allows user john to run all commands with sudo upon authentication.<\/p>\n\n\n\n If you need to allow specific group of users to run the commands with sudo, simply add the line below replacing the To break down these lines in simple terms;<\/p>\n\n\n\n Once the user is given sudo rights, they can now execute privileged commands that are allowed to execute by prefixing them with sudo.<\/p>\n\n\n\n Other Tutorials<\/p>\n\n\n\n Using Find Command to Search for Files and Directories in Linux<\/a><\/p>\n\n\n\n Connect to WiFi in Linux Using NMCLI command<\/a><\/p>\n\n\n\n Extract Log Lines of Specific Dates from a Log File<\/a><\/p>\n\n\n\nsudo<\/code> group in Debian and its derivatives is called wheel<\/code> group in CentOS and similar derivatives.<\/p>\n\n\n\nsudo<\/code>\/wheel<\/code> group or by being added to the sudoers<\/code> file, \/etc\/sudoers<\/code>.<\/p>\n\n\n\n# Allow members of group sudo to execute any command\n%sudo ALL=(ALL:ALL) ALL<\/code><\/pre>\n\n\n\n## Allows people in group wheel to run all commands\n%wheel ALL=(ALL) ALL<\/code><\/pre>\n\n\n\n%<\/code>.<\/p>\n\n\n\nAdd Users to sudo group in Linux<\/h3>\n\n\n\n
wheel<\/code> or sudo<\/code> group, you can use the usermod<\/code> command in the following syntax;<\/p>\n\n\n\nusermod -aG sudo\/wheel USERNAME<\/code><\/pre>\n\n\n\n\n
a<\/code> means add the user to the supplementary group that will be specified with -G<\/code> option.<\/li>\n\n\n\nG<\/code> specifies the supplementary groups to which the user is being added.<\/li>\n\n\n\nsudo\/wheel<\/code> specifies the group to add the user<\/li>\n\n\n\nUSERNAM<\/code> specifies the name of the user being added to the sudo group.<\/li>\n<\/ul>\n\n\n\nusermod -aG sudo john<\/code><\/pre>\n\n\n\nid<\/code> command.<\/p>\n\n\n\nid john\nuid=1002(john) gid=1002(john) groups=1002(john),27(sudo)<\/code><\/pre>\n\n\n\nusermod -aG wheel john<\/code><\/pre>\n\n\n\nid john\nuid=1001(john) gid=1001(john) groups=1001(john), 10(wheel)<\/code><\/pre>\n\n\n\nAdding users to sudoers file in Linux<\/h3>\n\n\n\n
visudo<\/code> command. This will open the sudoers file with your default editor, usually nano if the EDITOR variable has not been set.<\/p>\n\n\n\nexport EDITOR=vim<\/code><\/pre>\n\n\n\nvisudo<\/code><\/pre>\n\n\n\njohn<\/code> to run commands with sudo<\/code> privileges, simply add the line below on the sudoers file.<\/p>\n\n\n\njohn ALL=(ALL:ALL) ALL <\/code><\/pre>\n\n\n\ngroupname<\/code> with your group.<\/p>\n\n\n\n%groupname ALL=(ALL:ALL) ALL<\/code><\/pre>\n\n\n\n\n
john<\/code> or groupname<\/code>: specifies the user or group being assigned the sudo privileges.<\/li>\n\n\n\nALL<\/code> (before =): Specify the host on which the user\/group can have sudo privileges. This means that the user\/group can use sudo on all hosts.<\/li>\n\n\n\nALL:ALL<\/code> (within the brackets): The ALL<\/code> before the colon specifies the user running the command while the ALL<\/code> after the colon specifies the group of the user running the command.<\/li>\n\n\n\nALL<\/code> (the last section): Specifies the command that the user can run. In this case, it means any command.<\/li>\n<\/ul>\n\n\n\n