Sudo – grant a user with root privileges

Sudo – grant a user with root privileges

Sudo (su “do”) allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.

Add users to a system group that can use sudo, also known local administrators

sudo usermod -aG sudo nameofuser  #enough for Ubuntu, logout required
sudo passwd root #sets root password, so it can be used to login

Edit safely /etc/sudoers file

sudo visudo

User rules fields explained

        The first ALL is the users allowed
         |    The second one is the hosts; on all hosts (if you distribute the same sudoers file to many computers)
         |     |
   piotr ALL=(ALL:ALL) ALL
                  /     |
                 /   The last one is the commands allowed
         The third one is the user as you are running the command

In examples below names beginning with a “%” indicate group names in /etc/group

root  ALL=(ALL)    ALL              #standard root entry
piotr ALL=(ALL)    NOPASSWD: ALL    #user can run as root without password

piotr ALL=         NOPASSWD: ALL      #piotr will not be prompted for password, just another format to above
piotr ALL= NOPASSWD: /usr/bin/service #piotr will not be prompt for password while running 'service' command
%wheel ALL=(ALL)   NOPASSWD: ALL      #members of 'wheel' group can run without a password

If you find a number of entries applied to your user, the last entry takes precedence

sudo -l #list all of the rules in the /etc/sudoers that apply to your user
sudo -k #clear the timer