Give a local user ‘sudo’ privileges in Debian Linux

In Debian GNU/Linux users do not have ‘sudo’ privileges by default.

In order to allow ‘sudo’ privileges for a user, there are three options:

  1. add the user to the ‘sudo’ group.
  2. create a sudousers file in the /etc/sudoers.d folder, and individually allow ‘sudo’ privileges to each user or group
  3. edit the /etc/sudoers file directly to add users or groups

Option 3 is not my favorite, as I do not like to edit the sudoers file directly, therefore we are left with the first two options:

Option 1: add the user to the ‘sudo’ group

This is the easiest method to add sudo privileges.

//login as root
$ su -

//add the user to the sudo group
# usermod -aG sudo username

Option 2: create a sudousers file in /etc/sudoers.d

//login as root
$ su -

//create a sudousers file in /etc/sudoers.d
# nano /etc/sudoers.d/sudousers

//add user and group privilege specifications
user    ALL=(ALL:ALL) ALL
%group    ALL=(ALL:ALL) ALL

//save the file

//set file mode to 0440
# chmod 0440 sudousers

//edit the /etc/sudoers file to include files from /etc/sudoers.d
//the sudoers file should always be edited as root with visudo
# visudo

//the pound sign(#) is NOT a commented line; it has to prefix includedir, otherwise a parsing error will occur
#includedir /etc/sudoers.d

//save the file

Log out from system and log back in order to activate the changes.

Test the sudo privileges for the new user(s).

Leave a Reply