Home Linux System Administration How To Add a User to Sudoers On Debian 10 Buster

How To Add a User to Sudoers On Debian 10 Buster

by schkn

In today’s tutorial, we are going to see how you can add a user to sudoers on Debian distributions.

The sudo command allows authorized users to perform commands as another user, which is by default the root user.

There are two ways to add a user to sudoers : you can add this user to the sudo group or you can add this user to the sudoers file located at etc.

Here are the details of the two methods.

I – Adding an existing user to the sudo group

As a prerequisites, make sure that the sudo command is available by default. If it’s not the case, you can install it by running (with an account with admin rights)

$ apt-get update
$ apt-get install sudo

The first method is to add the user to the sudo group.

To do that, you are going to use the “usermod” command with the capital G flag (for groups)

$ sudo usermod -a -G sudo user

You can also use the gpasswd command to grand sudo rights.

$ sudo gpasswd -a bob sudo
Adding user to the group sudo

Make sure that the user belongs to the sudo group with the groups command.

$ su - user
(password for user)

$ groups
user sudo

You should now be able to perform a sudo request on Debian 10.

Depending on the configuration you chose during your Debian 10 installation process, you may or may not have access to a root account. If you chose a password for your root account, you will be able to connect to it. Otherwise, the default admin account is the one you created during the installation process.

II – Adding an existing user to the sudoers file

The sudoers file is located at /etc/sudoers.

This file contains a set of rules that are applied to determine who has sudo rights on a system, which commands they can execute with sudo privileges, and if they should be prompted a password or not.

However, you should never modify the sudoers file with a text editor.

Saving a bad sudoers may leave you with the impossibility of getting sudo rights ever again.

Instead, you are going to use visudo, a tool designed to make sure you don’t do any mistakes.

$ sudo visudo

This is what you should see.

The sudoers file on Debian 10 Buster

At the end of the file, add a new line for the user.

john       ALL=(ALL:ALL) ALL
Sudoers syntax on Debian 10

By default, the account password will be asked every five minutes to perform sudo operations.

However, if you want to remove this password verification, you can set the NOPASSWD option.

john       ALL=(ALL:ALL) NOPASSWD:ALL

If you want the password verification to be skipped for longer periods of time, you can overwrite the timestamp_timeout (in minutes) parameter in your sudoers file.

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Defaults        timestamp_timeout=30

III – Adding a group to the sudoers file

Via the visudo, you can add an entire group to the sudoers.

This might be handy if you have a group for system administrators for example. In this case, you simply have to add a user to the system administrators group for him/her to be granted sudo privileges.

To add a group to the sudoers file, simply add a percent symbol at the beginning of the file.

%sysadmins       ALL=(ALL:ALL) NOPASSWD:ALL

Make sure that your user is part of the designed group with the groups command.

$ su - user
$ groups
user sysadmins

You can test your new sudo rights by changing your password for example

$ sudo passwd

IV – Most Common Errors

  • user is not in the sudoers file. This incident will be reported.
User not in sudoers file on Debian 10

This is the standard error message you get when a user does not belong to the sudo group on Debian 10.

By adding this user to the sudoers file on Debian, this error message should not be raised anymore.

You may also like

30 comments

Vadim August 18, 2019 - 8:35 am

An error in:
$ sudo gpasswd -a bob user <————————- need sudo, not user
Adding user to the group sudo

Should do so:
$ sudo gpasswd -a bob sudo

Reply
schkn August 18, 2019 - 8:42 am

Thank you!

Reply
How To Add and Delete Users on Debian 10 Buster – devconnected September 8, 2019 - 8:01 pm

[…] you are not sure about how to add a user to sudoers, make sure to check the tutorial we wrote about […]

Reply
How To Find & Locate Files on a Linux System – devconnected September 10, 2019 - 7:24 pm

[…] To install locate, you will need sudo privileges on your Linux host. […]

Reply
How To List Users and Groups on Linux – devconnected September 11, 2019 - 12:59 pm

[…] To prove that it provides the groups for the user that launched the command, try to launch the command with sudo privileges. […]

Reply
Cron Jobs and Crontab on Linux Explained – devconnected September 14, 2019 - 12:59 pm

[…] : you need sudo privileges to inspect system services with […]

Reply
How To Change The Timezone on Debian 10 Buster – devconnected September 19, 2019 - 6:20 pm

[…] In order to change your timezone on Debian 10, you will need to have sudo privileges on your host. […]

Reply
Access Control Lists on Linux Explained – devconnected September 22, 2019 - 11:51 am

[…] that you will need sudo privileges on Debian 10 to run this […]

Reply
How To Install and Enable SSH Server on Debian 10 September 22, 2019 - 5:59 pm

[…] In order to install a SSH server on Debian 10, you will need to have sudo privileges on your host. […]

Reply
How To Install InfluxDB Telegraf and Grafana on Docker October 6, 2019 - 3:23 pm

[…] of all, you need to have sudo rights on your Linux machine, otherwise you won’t be able to install InfluxDB on your […]

Reply
Screen Command on Linux Explained – devconnected October 10, 2019 - 6:54 pm

[…] you need to add a user to sudoers on Debian, there is a tutorial for […]

Reply
How To Change User on Linux – devconnected October 13, 2019 - 9:42 pm

[…] default, you will need privileged rights in order to run this command, so make sure that you have sudo rights either on Debian based distributions, or on Red Hat based […]

Reply
How To Add Swap Space on Debian 10 Buster – devconnected October 20, 2019 - 7:11 am

[…] In order to add swap space on Debian 10 Buster, you need to have sudo privileges on your host. […]

Reply
How To Check Free Disk Space on Linux – devconnected October 26, 2019 - 9:25 am

[…] some directories, you will need to have sudo privileges (on Debian/Ubuntu, or on […]

Reply
How To Format Disk Partitions on Linux – devconnected October 28, 2019 - 6:51 pm

[…] you are looking for resources in order to be sudo on Debian/Ubuntu or on RHEL/CentOS, make sure to take a look at our dedicated […]

Reply
How To Mount and Unmount Drives on Linux – devconnected October 30, 2019 - 7:30 pm

[…] you are not sure how to give sudo rights to users on Debian/Ubuntu or CentOS/RHEL, make sure to check our dedicated guides on the […]

Reply
User Administration Complete Guide on Linux – devconnected November 1, 2019 - 9:12 am

[…] one guide for Debian based systems and one for Red Hat based […]

Reply
How To Change User Password on Debian 10 – devconnected November 3, 2019 - 2:23 pm

[…] running the passwd command, make sure that you have sudo rights on your Debian 10 […]

Reply
How to Setup InfluxDB, Telegraf and Grafana on Docker: Part 1 | InfluxData November 11, 2019 - 5:06 pm

[…] of all, you need to have sudo rights on your Linux machine; otherwise, you won’t be able to install InfluxDB on your […]

Reply
How To Setup OpenLDAP Server on Debian 10 – devconnected January 19, 2020 - 11:37 am

[…] you are not sure on how to provide sudo rights for users on Debian 10 or CentOS 8, make sure to read our dedicated guides about […]

Reply
Casey January 24, 2020 - 9:22 pm

The instructions on debian 10 are not quite correct. The line that you need to add to the bottom is:

“john ALL=(ALL:ALL) NOPASSWD:ALL”

There is no $ sign. I’m sure that this is a simple oversight, but as a new debian user it took me a bit to figure out what I needed to do to make this work.

Reply
schkn January 25, 2020 - 10:12 am

Hello,

Indeed, dollar signs are added before most commands on the website.

Sorry if it led to some confusion on your side.

Reply
Michel Virard July 17, 2020 - 2:31 am

That $ screwed me! Last time I used vi must have been 25 years ago! So I took your $ for cash… You should correct the web page since Linux newbies will certainly get it wrong.

Reply
schkn July 18, 2020 - 11:48 am

You are right, that’s a good remark, the dollar sign won’t be used for future articles, it surely can be confusing.

Reply
JohnM July 27, 2020 - 4:59 pm

The dollar sign in this case is just wrong. I see where you use it at the beginning of a command, to represent the prompt. That’s fine, but in this case the example text is not a command, but the contents of a file. The dollar has no business there and it isn’t just confusing. It incorrect information and should be corrected.

How To Configure Linux as a Static Router – devconnected February 5, 2020 - 10:35 pm

[…] you don’t have sudo rights, you can have a look at our tutorials on becoming sudo on Debian or CentOS […]

Reply
How To Install Samba on Debian 10 Buster – devconnected February 22, 2020 - 9:07 am

[…] If you don’t belong to the sudo group, you can check one of our tutorials in order to gain sudo privileges for Debian instances. […]

Reply
Arping Command on Linux Explained – devconnected April 16, 2020 - 5:45 pm

[…] this is not the case, you can read our guide on getting sudo privileges for Debian or CentOS […]

Reply
spolen October 1, 2020 - 8:35 pm

why not just type “sudo adduser john sudo”?

Reply
A October 23, 2020 - 10:35 am

Go to single user mode change above parameter if we are not being able to change due to below issue.
Incident reported after type passwrd by executing command sudo -s or sudo root

Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.