There are certain commands which require administrative rights. Such commands can only be executed by an administrative user or some user who can escalate privileges. A regular user can escalate privileges with sudo command. Though it isn’t necessary that sudo command is always configured for administrative rights. But, default behavior in Ubuntu does escalate privileges. In this article, we cover how to add a user to sudoers in Ubuntu.
To run a command with escalated privileges, precede the command with sudo command. For instance, to edit /etc/hosts files – we need administrative rights. Use a text editor like nano, and run the following in terminal –
sudo nano /etc/hosts
It would prompt you for the password next. If you can escalate privileges, it should work for you. Else, contact your System Administrator.
If you have got the administrative rights and want a user to have escalated privileges. Then, add the users to Sudoers. We cover it next.
Note: Following operations require administrative rights.
Add user to Sudoers
If a user doesn’t have the privileges and he/she tries to use sudo then it would throw an error –
$USER is not in the sudoers file. This incident will be reported.
Clearly, user is not in the sudoers file. Use command visudo to edit the file – /etc/sudoers
sudo visudo
Why visudo? It would check for syntax errors. We would be notified if it finds an error. Perhaps the safest way to edit /etc/sudoers file.
Following are the components of /etc/sudoers –
username host = command
So, we have the option to let user escalate privileges for a specific commands or just run anything like root. We cover each of these next.
Firstly, its about specific commands access. Let’s say we have a user – testuser and command which we want the user to execute is apt. This is what our entry in /etc/sudoers would look like –
testuser ALL=/usr/bin/apt
testuser is now allowed to use apt.
If there are multiple commands we need to allow, separate them with comma (,).
testuser ALL=/usr/bin/apt,/usr/sbin/adduser
Use whereis command-line tool, to locate a command. For instance,
whereis apt
Secondly, to let a user execute anything just like a superuser i.e. root –
testuser ALL=ALL
Word of caution: Unless required, it is not advisable to have multiple users who get administrative rights like root.
In conclusion, it is better to let user escalate privileges for specific commands. We can do that by adding a user to sudoers in Ubuntu.
