Date: 2017-09-15

The other day a fellow Linux user asked me how to find the number of super users (the users who have sudo access) I have on my Linux server. Good question, but I didn’t have the answer. LOL! So, I did a quick Google search. To my surprise, it’s not that difficult. It’s just a single-line command. How come I didn’t know this simple trick already? For those wondering how to find all sudo users or super users in your Linux system, read on.

You might argue that a good Linux administrator must know how many super users and normal users there are in a system he is managing. You’re right! However, there are times when we need to give temporary sudo access to a normal user so they can install software or do a certain administrative task on their own. Over time, we might forget to revoke the sudo access. So, it is good practice to check from time to time how many super users are in your system. If there is any forgotten or unwanted sudo access, you can simply revoke it.

Find All Sudo Users In A Linux System

Let us first list all users in the system. To do so, run:

$ awk -F':' '{ print $1}' /etc/passwd

Sample output from my Ubuntu system:

root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
gnats
nobody
systemd-timesync
systemd-network
systemd-resolve
systemd-bus-proxy
syslog
_apt
lxd
messagebus
uuidd
dnsmasq
sshd
sk
senthil
kumar
ostechnix

You can also use the following command to list all users:

$ compgen -u

Among all users, let us only find the sudo or super users in our Linux system.

$ grep '^sudo:.*$' /etc/group | cut -d: -f4
sk,ostechnix

Also, you can use the “getent” command instead of “grep” to get the same result.

$ getent group sudo | cut -d: -f4
sk,ostechnix

As you see in the above output, “sk” and “ostechnix” are the sudo users in my system.
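The fourth field of the group entry, which both commands above read, lists only supplementary members; an account whose primary group is sudo does not appear in it. The following is an added example, not part of the original article, that merges both sources. The helper names list_group_members and demo and the sample accounts are constructed for illustration, and the function assumes flat passwd and group files rather than a directory service.

```shell
#!/bin/sh
# list_group_members GROUP [PASSWD_FILE] [GROUP_FILE]   (hypothetical helper)
# Prints every account that belongs to GROUP, one per line, sorted:
#   - supplementary members, from the 4th field of the group entry
#   - accounts whose primary GID (4th field of passwd) is GROUP's GID
list_group_members() {
    grp=$1
    passwd_file=${2:-/etc/passwd}
    group_file=${3:-/etc/group}
    awk -F: -v grp="$grp" '
        # First operand: the group file. Record the GID and listed members.
        FILENAME == ARGV[1] {
            if ($1 == grp) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
            }
            next
        }
        # Second operand: the passwd file. Catch primary-group members.
        gid != "" && $4 == gid { print $1 }
    ' "$group_file" "$passwd_file" | sort -u
}

# Constructed sample data, not from a real host. "deploy" has sudo (GID 27)
# as its primary group, so the group entry itself never mentions it.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:' 'sudo:x:27:sk,ostechnix' 'sk:x:1000:' \
        > "$tmp/group"
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/bash' \
        'sk:x:1000:1000::/home/sk:/bin/bash' \
        'ostechnix:x:1001:1001::/home/ostechnix:/bin/bash' \
        'senthil:x:1002:1002::/home/senthil:/bin/bash' \
        'deploy:x:1003:27::/home/deploy:/bin/bash' > "$tmp/passwd"
    list_group_members sudo "$tmp/passwd" "$tmp/group" | paste -sd, -
    rm -rf "$tmp"
}

demo
```

Group membership is only one route to sudo rights: a rule in /etc/sudoers or /etc/sudoers.d can name a user directly, and sudo -l -U <username> reports those as well.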

In the above examples, we listed all sudo users. You might want to know whether a certain user has sudo privilege or not.

To do so, run:

$ sudo -l -U sk

Sample output:

Matching Defaults entries for sk on ubuntuserver:
    env_reset, mail_badpass,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User sk may run the following commands on ubuntuserver:
    (ALL : ALL) ALL

As you see, the user named “sk” can perform all commands. So, he is in the sudo group. Let us check another user.

$ sudo -l -U senthil

Sample output:

User senthil is not allowed to run sudo on ubuntuserver.

Oops! The user “senthil” is not allowed to run sudo, so he is just a normal user.

We can also find out whether a user has sudo access by running the following command as that user:

$ sudo -nv

If you get nothing as output, the user still has sudo access.

If you see an output like below, then the user doesn’t have sudo access.

$ sudo -nv
Sorry, user senthil may not run sudo on ubuntuserver.

Remove sudo privileges of a User

You now know the sudo users in your Linux system. You might not want to grant sudo access to some users.

If you want to remove the sudo access of a particular user, you can simply run:

$ sudo deluser <username> sudo

Example:

$ sudo deluser ostechnix sudo

Sample output:

Removing user `ostechnix' from group `sudo' ...
Done.

The above command will remove the user named “ostechnix” from the “sudo” group, but not from the system. In other words, the user “ostechnix” will now become a normal user.

Also, you can use the following command to revoke the sudo access from a user:

$ sudo gpasswd -d ostechnix sudo

Please be careful while removing users from the sudo group. Do not remove the real administrator from the “sudo” group.

Verify that the user “ostechnix” has really been removed from the sudo group using the command:

$ sudo -l -U ostechnix
User ostechnix is not allowed to run sudo on ubuntuserver.

Yes, the user “ostechnix” has been removed from the sudo group, and he can’t execute any administrative tasks.

And, that’s all for now. Hope you find this useful. Happy weekend!

Cheers!!