Home Ubuntu How To Grant And Remove Sudo Privileges To Users On Ubuntu

How To Grant And Remove Sudo Privileges To Users On Ubuntu

Add and remove sudo access to users in Ubuntu Linux

By sk
Published: Last Updated on 31K views

As you already know, we can perform any administrative tasks with sudo privileges on Ubuntu systems. When creating a new users on your Linux box, they can't do any administrative tasks until you make them to be a member of sudo group. In this brief tutorial, we will look into how to grant and remove sudo privileges to users in Ubuntu and its derivatives such as Linux mint and Pop OS.

Grant sudo privileges to users on Linux

Usually, we use 'adduser' command to create new user like below.

$ sudo adduser ostechnix

If you want the newly created user to perform any administrative tasks, just add the user to the sudo group using command:

$ sudo usermod -a -G sudo ostechnix

The above command will make the user named 'ostechnix' to be the member of sudo group.

Alternatively, you can also use this command to add the users to sudo group.

$ sudo adduser ostechnix sudo

Log out and log back in to apply the changes.

From now on, the user can perform administrative tasks with sudo privilege.

To verify it, just run a command prefixed with sudo like below.

$ sudo mkdir /test
[sudo] password for ostechnix:

Remove sudo privileges of users

Sometimes, you might want to remove sudo privileges from a particular user, but without deleting the user from your Linux box.

To make any user as a normal user, just remove them from the sudo group.

Say for example If you want to remove a user called ostechnix, from the sudo group, just run:

$ sudo deluser ostechnix sudo

Sample output:

Removing user `ostechnix' from group `sudo' ...
Done.

This command will only remove user 'ostechnix' from the sudo group, but it will not delete the user permanently from the system.  Now, the user becomes a regular user and can't do any administrative tasks.

Also, you can use the following command to revoke the sudo access from an user:

$ sudo gpasswd -d ostechnix sudo

Please be careful while removing users from the sudo group. Do not remove the real administrator from the "sudo" group.

Verify the user "ostechnix" has been really removed from sudo group using command:

$ sudo -l -U ostechnix
User ostechnix is not allowed to run sudo on ubuntuserver.

Yes, the user "ostechnix" has been removed from sudo group, and he can't execute any administrative tasks.

Please note that you should be careful while removing a user from a sudo group. If there is only one sudo user on your system and you removed him from the sudo group, you can't perform any administrative tasks such as installing, removing and updating programs on your system.

What if I accidentally revoke sudo access of a user?

Have you accidentally remove an administrative user from the sudo group? No problem! The following guide explains how to restore sudo privileges to a user in Ubuntu and its derivatives.

Conclusion

In this guide, we learned how to add a regular user to sudo group and remove the sudo privileges from the user to make him/her as a normal user in Ubuntu-based systems.

You May Also Like

3 comments

Gary T Faulkner February 19, 2019 - 2:45 am

$ sudo usermod -a -G sudo hduser
The above command will make the user called ‘ostechnix’ to be the member of sudo group.

I don’t think this is correct.

Reply
sk February 19, 2019 - 12:02 pm

Yes, you’re right. Good catch. Corrected now. Thank you.

Reply
jim February 19, 2019 - 6:10 pm

Remember to log out or reboot, that always gets me.

Reply

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More