Sudo – grant a user with root privileges
Sudo (su “do”) allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.
Add users to a system group that can use sudo, also known local administrators
sudo usermod -aG sudo nameofuser #enough for Ubuntu, logout required sudo passwd root #sets root password, so it can be used to login
Edit safely /etc/sudoers file
sudo visudo
User rules fields explained
The first ALL is the users allowed | The second one is the hosts; on all hosts (if you distribute the same sudoers file to many computers) | | piotr ALL=(ALL:ALL) ALL / | / The last one is the commands allowed The third one is the user as you are running the command
In examples below names beginning with a “%” indicate group names in /etc/group
root ALL=(ALL) ALL #standard root entry piotr ALL=(ALL) NOPASSWD: ALL #user can run as root without password piotr ALL= NOPASSWD: ALL #piotr will not be prompted for password, just another format to above piotr ALL= NOPASSWD: /usr/bin/service #piotr will not be prompt for password while running 'service' command %wheel ALL=(ALL) NOPASSWD: ALL #members of 'wheel' group can run without a password
If you find a number of entries applied to your user, the last entry takes precedence
sudo -l #list all of the rules in the /etc/sudoers that apply to your user sudo -k #clear the timer