Sudo Privileges In Linux OS

FOXY🦊KNIGHT
3 min readJul 11, 2023

--

  • Sudo stands for either “substitute user do” or “super user do” and it allows you to temporarily elevate your current user account to have root privileges.
  • System administrators can grant sudo access to allow non-root users to execute administrative commands that are normally reserved for the root user. As a result, non-root users can execute such commands without logging in to the root user account.
  • Also, the root privilege in “sudo” is only valid for a finite time. Once that time expires, you have to enter your password again to regain root privilege.

Procedure

  1. As root, open the /etc/sudoers file. The /etc/sudoers file defines the policies applied by the sudo command.

visudo

  1. In the /etc/sudoers file, find the lines that grant sudo access to users in the administrative wheel group.

## Allows people in group wheel to run all commands

%wheel ALL=(ALL) ALL

  1. Make sure the line that starts with %wheel does not have the # (comment character) before it.
  2. Save any changes, and exit the editor.
  3. Add users you want to grant sudo access to into the administrative wheel group.

usermod — append -G wheel username

Replace username with the name of the user.

Verification steps:

Verify that the user is added to the administrative wheel group:

id username

uid=5000(username) gid=5000(_username) groups=5000(username),10(wheel)

Example — Enabling an unprivileged user to install programs with yum

To enable the user user1 to install httpd using the yum utilities with sudo privileges, use:

  1. As root, open the /etc/sudoers file

Command: visudo

The file will open automatically.

  1. Add the following line in the file, under driver:

Cmnd_Alias APACHE = /bin/yum install httpd, /bin/systemctl enable httpd, /bin/systemctl start httpd, /bin/systemctl stop httpd, /bin/systemctl status httpd, /bin/systemctl restart httpd, /bin/systemctl disenable httpd

Where APACHE — Alias name and it should be in CAPS

  1. Ensure that the two command paths are separated by a ,(comma) followed by a space.
  1. Assign this allias to the user

To verify if the user can run the yum command with sudo privileges, switch the account: sathish

Enter the sudo yum command 🡺 $ sudo yum install httpd

[sudo] password for sathish:

Enter the sudo password for the user sathish.

If you receive the username is not in the sudoers file. This incident will be reported. message, the configuration was not completed correctly. Ensure that you are executing this procedure as root and that you followed the steps thoroughly.

--

--

FOXY🦊KNIGHT
FOXY🦊KNIGHT

Written by FOXY🦊KNIGHT

Developer ➕ Operations = DevOps

No responses yet