See If You Can Find It

Friday, June 19, 2020

Linux System Administration: Add to Sudoers

One of the most important features of any Linux distro is the ability to do things with elevated permissions, without constantly operating under the root user. To do this, as most may know, we use the "sudo" command. What you may not know though is how a regular user gets the capability to use this command. That's okay, because that's what we're going to talk about here. I'm going to do this from my fresh Debian VM, as Debian doesn't automatically add your account to the sudoers group.

So as we see here, I'm trying to update the machine, but can't as I don't have the appropriate permissions. So the first thing I'm going to do is "su" to root as I'm going to need elevated privileges to fix this user account.

First I'm going to add the user to the sudoers group using 'sudo usermod -aG sudo ugx3'
Next, using echo and tee, I'm going to pass information to the terminal to write to an individual file in the /etc/sudoers.d directory for the user. I'm using an individual file for ease of management, so that if I wanted to remove this user later, I could delete it's associated file. We're going to do this by using 'echo "ugx3 ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ugx3'.
(Here I tried to cd into a file because I wasn't thinking, but hey, we all make mistakes)

Finally, let's verify that everything is now working properly. For this I just switched back to my user by entering the command "exit" and continuing to try and update.

It works! You'll notice that I didn't have to enter a password when using sudo, that's because of the "NOPASSWD" bit. I personally prefer using it this way, even though technically it's less secure. You should most definitely have a password set in a work environment, or really any machine that's exposed to the internet.

No comments:

Post a Comment