Shell Script to Add User to Sudoers

Written by: Bobbin Zachariah   |   Last updated: November 19, 2023

The most straightforward way to grant sudo privileges to a user is by adding that user to the sudo ( for Debian-based system) or wheel (for Redhat-based system) group. The alternative method is to add user to the sudoers file. Let's check how we can perform the same using shell script.

Script to add user to sudo or wheel group

Let me first show what the output of the script looks like:

$ ./adduser_sudogroup.sh 
Enter the username: tom
User tom already exists.
User tom added to the wheel group successfully.

This shell script adds an existing user to sudo or wheel group whichever is available on the Linux Distro.

Script

#!/bin/bash

# Prompting for the username
read -p "Enter the username: " username

# Check if the user already exists
if id "$username" &>/dev/null; then
    echo "User $username already exists."
else
    echo "User $username doesn't exist."
    exit 1
fi

`grep -qE '^(wheel):' /etc/group`
WHEEL=$?

`grep -qE '^(sudo):' /etc/group`
SUDO=$?

# Check if sudo or wheel group exists in /etc/group
if [ "${WHEEL}" == "0" ] ; then
    usermod -aG wheel "$username" &>/dev/null
    echo "User $username added to the wheel group successfully."
fi

if [ "${SUDO}" == "0" ] ; then
    usermod -aG sudo "$username" &>/dev/null
    echo "User $username added to the sudo group successfully."
fi  

exit 0
script to add user to sudo group

In the script

If the user exists, it verifies the existence of either the sudo or wheel group in the /etc/group file.

`grep -qE '^(wheel):' /etc/group`
WHEEL=$?

`grep -qE '^(sudo):' /etc/group`
SUDO=$?

If the group exists, it adds the specified user to that group using the usermod -aG command, granting them sudo privileges.

If the group does not exist, it notifies the user about the absence of the required group. This script offers a streamlined way to add a user to the sudo or wheel group while performing necessary checks for user existence and group availability.

if [ "${WHEEL}" == "0" ] ; then
    usermod -aG wheel "$username" &>/dev/null
    echo "User $username added to the wheel group successfully."
fi

if [ "${SUDO}" == "0" ] ; then
    usermod -aG sudo "$username" &>/dev/null
    echo "User $username added to the sudo group successfully."
fi

Script to add user to Custom sudoers file

On most Linux distributions, the /etc/sudoers.d/ directory allows administrators to add custom sudoer configurations. This approach is preferred because it avoids directly modifying the main /etc/sudoers file and is easier to manage.

Let me first show what the output of the script looks like:

$ ./adduser_sudofile.sh 
Enter the username: tom
User tom already exists.
User tom added to sudoers /etc/sudoers.d/tom file successfully.

Script

#!/bin/bash

# Prompting for the username
read -p "Enter the username: " username

# Check if the user already exists
if id "$username" &>/dev/null; then
    echo "User $username already exists."
else
    echo "User $username doesn't exist."
    exit 1
fi

# Create a sudoers.d file for the user
sudoers_file="/etc/sudoers.d/$username"
echo "$username ALL=(ALL) NOPASSWD:ALL" | sudo tee "$sudoers_file" > /dev/null

# Set proper permissions on the sudoers.d file
sudo chmod 0440 "$sudoers_file"

echo "User $username added to /etc/sudoers.d/$username file successfully."
shell script to add user to custom sudoers file

In the script:

sudoers_file="/etc/sudoers.d/$username"
echo "$username ALL=(ALL) NOPASSWD:ALL" | sudo tee "$sudoers_file" > /dev/null

The above command creates a sudoers.d file for the specified user. The file is located at /etc/sudoers.d/$username and it echoes the necessary sudo configuration line to the sudoers.d file, allowing the user $username to run any command as any user without a password prompt.

About The Author

Bobbin Zachariah

Bobbin Zachariah

Bobbin Zachariah is an experienced Linux engineer who has been supporting infrastructure for many companies. He specializes in Shell scripting, AWS Cloud, JavaScript, and Nodejs. He has qualified Master's degree in computer science. He holds Red Hat Certified Engineer (RHCE) certification.

SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment