Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Giving Users Adminastrative Privileges

If you just want to allow a user to run commands with sudo, all you need to do is add them to the sudo group as shown below:

sudo adduser [USER] sudo

The Sudoers File

Another way to add them, is to edit the /etc/sudoers file. One must use the visudo tool as shown below to prevent errors being made which could possibly "brick" your system.

sudo visudo -f /etc/sudoers

Find the line below:

root    ALL=(ALL:ALL) ALL

and then add your user directly below it.

[USER]    ALL=(ALL:ALL) ALL

Passwordless Sudo

If you want the user to be able to use sudo without having to enter a password, such as for automated installation scripts (not recommended), then you can edit the sudoers file as shown above, but enter the following line at the bottom of the file:

[USER] ALL=(ALL) NOPASSWD: ALL

Execute Certain Command As Root

If you need a specific user to be able to run a specific command as root, then you can do so like this:

[USER]     ALL=(root) NOPASSWD: /path/to/my/executable

... this was particularly useful to me as I needed my webserver user to be able to run a specific PHP phar file I had created on the system as root in order to have it manage a very specific set of system capabilities. E.g.

www-data     ALL=(root) NOPASSWD: /path/to/my/tool.phar

References

Last updated: 15th April 2024
First published: 16th August 2018