How to Add and Remove Sudo Access in Ubuntu

In this article, you will learn how to grant a user sudo access for elevated privileges.

Add and Remove Sudo Access in Linux
Add and Remove Sudo Access in Linux

Ubuntu

sudo which is short for "superuser do" or "substitute user do" gives a system admin elevated privileges. With sudo privileges, the system admin can delegate permissions to specific users and can also run elevated prompts without the need to change identity. In this article, you will learn how to add or remove sudo access in Ubuntu.

Let's get started.

You can setup an account on digital ocean to spin up an ubuntu server to follow along with the tutorial. That is if you don't have access to ubuntu.

Claim your free $200 credit on DigitalOcean now!

Granting sudo Rights Through the CLI

There are several ways to do this with the command line. In this article, we'll use the usermod command. To use this method, the user must exist in the system. So we'll start by creating the user.

To create a new user, use the following command.

sudo useradd -m geekbits

The command above will create a user with the name "geekbits". The -m flag creates a home directory. A prompt for the password follows next. Input the password to continue.

Now that the user is created, the method below will give "geekbits" access to sudo  by adding this user to the sudoers file.

Using the usermod command

Follow the steps below to grant "geekbits" sudo rights with the usermod command. Use this command.

sudo usermod -a -G sudo geekbits

The command adds the user geekbits to the sudo group. You can confirm that the user was added to the group with the following command.

sudo -l -U geekbits

You will notice that geekbits can run all the command on the system.

Switch to the newly created account with the following command.

su - geekbits

You can now use sudo command with the new user. Now let's see how you can remove this user from the sudo group.

Removing a User from the sudo group

Exit from geekbits user by typing exit and pressing Enter.

To remove geekbits from the sudo group, we'll use the deluser command as follows.

sudo deluser geekbits sudo

geekbits is now removed from the sudo group. You can confirm with the following command.

sudo -l -U geekbits

Now that the user geekbits is removed from the sudo group, let's login to geekbits and try to use the sudo command. Below are the commands to do that.

su - geekbits

Enter the password for geekbits to continue.

Let's try to make a directory with the sudo command.

sudo mkdir testdir

Notice that the user can no longer use the sudo command because he is not in the sudoers file.

Conclusion

In this article, you have learnt how you can add a user to the sudo group and remove him from the group as well. These are some of the most important tasks a system admin should know how to do. If you found the article helpful, make sure to comment below and subscribe to geekbits.

Thanks for reading : )

You might also be interested in:

How to view sudo command usage on Linux
In this post, you will explore the world of sudo and learn how the sudo command usage. This can allow you to track the users that invoked the sudo command.
Great! Next, complete checkout for full access to GeekBits.
Welcome back! You've successfully signed in.
You've successfully subscribed to GeekBits.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.