Setting up the normal user account on Debian GNU/Linux to use sudo
Setting up your normal user account on Debian to use the sudo command instead of the su command is very simple.
This is the contents of my /etc/sudoers file. This line:
neo ALL=(ALL:ALL) ALL |
Is the one that defines our normal user as part of the sudoers file. This string will allow the user to execute commands with root privileges, but will ask for the users password before the access is granted. That is how Ubuntu is set up and that is the best way to use the sudo command. You can set this up to not ask for a password when you run the sudo command, but that is a very bad idea. The below line illustrates how this is achieved, but I would not do this, you could accidentally run a command as sudo and it would run without prompting you.
neo ALL = NOPASSWD: ALL </code> The man sudoers command will display a huge amount of information about the sudoers file and how to write one. The <strong>visudo</strong> command is there so that the <strong>/etc/sudoers</strong> file may be verified before it is committed back to disk after editing. NEVER edit this file directly! If you make a mistake you could lock out the root user and then you would need to recover your system. Booting from a live CD and fixing the file that way would work, best to use the <strong>visudo</strong> command and study the <strong>/etc/sudoers</strong> manual page to learn the proper syntax, then you will have no problems with setting up your users. There are ways to allow certain users to access some parts of your system that are necessary for their work whilst locking them out of others. This is a very powerful system, allowing certain users to access some devices attached to the system like printers and others having other privileges. That is why Linux is so flexible. <pre lang="bash"> neo@deusexmachina:/etc$ sudo cat /etc/sudoers [sudo] password for neo: # # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL neo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d |