Giving Users Adminastrative Privileges
If you just want to allow a user to run commands with sudo, all you need to do is add them to the sudo group as shown below:
sudo adduser [USER] sudo
The Sudoers File
Another way to add them, is to edit the /etc/sudoers file. One must use the visudo tool as shown below to prevent errors being made which could possibly "brick" your system.
sudo visudo -f /etc/sudoers
Find the line below:
root ALL=(ALL:ALL) ALL
and then add your user directly below it.
[USER] ALL=(ALL:ALL) ALL
Passwordless Sudo
If you want the user to be able to use sudo without having to enter a password, such as for automated installation scripts (not recommended), then you can edit the sudoers file as shown above, but enter the following line at the bottom of the file:
[USER] ALL=(ALL) NOPASSWD: ALL
Execute Certain Command As Root
If you need a specific user to be able to run a specific command as root, then you can do so like this:
[USER] ALL=(root) NOPASSWD: /path/to/my/executable
... this was particularly useful to me as I needed my webserver user to be able to run a specific PHP phar file I had created on the system as root in order to have it manage a very specific set of system capabilities. E.g.
www-data ALL=(root) NOPASSWD: /path/to/my/tool.phar
References
First published: 16th August 2018
