Authors Top

If you have a few years of experience in the Linux ecosystem, and you’re interested in sharing that experience with the community, have a look at our Contribution Guidelines.

1. Overview

In this article, we’ll learn how to give full sudo privileges to a local user in Linux. We’ll also learn how to give limited sudo access to a user so it can only run a specific set of commands with sudo.

2. Giving Full Sudo Access to a User

A user that has full sudo privileges can run all Linux commands as root. This is required when we run commands in the terminal that need to access root directories or files in the filesystem. There are two ways we can give full sudo privileges to a user.

2.1. Editing the Sudoers File

We have to log in as a user that has full sudo privileges. After that, we have to run sudo visudo. This will open up an editor on the command line. We have to add this line at the end of the file:

<user> ALL=(ALL) ALL

This will give full sudo privileges to <user>. Replace <user> with the actual user.

In addition, we can add NOPASSWD to the line so that <user> won’t have to enter the password every time they run a command with sudo:

<user> ALL=(ALL) NOPASSWD: ALL

To exit the editor, press CTRL+X and then press Y to modify the file. After that, press ENTER to exit the editor.

2.2. Adding the User to the Sudo Group

Alternatively, we can add the user to the sudo group using usermod:

sudo usermod -aG sudo <user>

This will add <user> to the sudo group. Members of the sudo group have full sudo privileges. Make sure to replace <user> with the actual user.

3. Giving Limited Sudo Access to a User

A user with limited sudo access can only run a particular set of commands as root. After logging in as a user that already has full sudo privileges, we should run sudo visudo and add this line at the end of the file:

<user> ALL=(ALL) NOPASSWD: <commands>

This will allow <user> to execute the specified commands with sudo, and they won’t be asked for a password each time. Make sure to replace <commands> with the location of each command and separate them with a comma. So, for example, it would be something like this:

baeldung ALL=(ALL) NOPASSWD: /usr/bin/apt, /usr/bin/whoami

The user, baeldung, can run apt and whoami with sudo privileges.

4. Conclusion

In this short tutorial, we learned how to give full sudo privileges as well as limited sudo privileges to users in Linux.

Authors Bottom

If you have a few years of experience in the Linux ecosystem, and you’re interested in sharing that experience with the community, have a look at our Contribution Guidelines.

Comments are closed on this article!