The most straightforward way to grant sudo privileges to a user is to add that user to the sudo group (on Debian-based systems) or the wheel group (on Red Hat-based systems). The alternative is to add the user to the sudoers file. Let's see how to do both with a shell script.
Script to add user to sudo or wheel group
Let me first show what the output of the script looks like:
$ ./adduser_sudogroup.sh
Enter the username: tom
User tom already exists.
User tom added to the wheel group successfully.
This shell script adds an existing user to the sudo or wheel group, whichever is available on the Linux distribution.
Script
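#!/bin/bash
# Prompting for the username
read -r -p "Enter the username: " username
# Check if the user already exists
if id "$username" &>/dev/null; then
    echo "User $username already exists."
else
    echo "User $username doesn't exist."
    exit 1
fi
# Check if sudo or wheel group exists in /etc/group
grep -qE '^(wheel):' /etc/group
WHEEL=$?
grep -qE '^(sudo):' /etc/group
SUDO=$?
# Neither group is present: notify and stop
if [ "${WHEEL}" != "0" ] && [ "${SUDO}" != "0" ] ; then
    echo "Neither the sudo nor the wheel group exists on this system."
    exit 1
fi
# Add the user to whichever group exists; report success only if usermod succeeded
if [ "${WHEEL}" == "0" ] ; then
    if usermod -aG wheel "$username" &>/dev/null; then
        echo "User $username added to the wheel group successfully."
    else
        echo "Failed to add user $username to the wheel group." >&2
        exit 1
    fi
fi
if [ "${SUDO}" == "0" ] ; then
    if usermod -aG sudo "$username" &>/dev/null; then
        echo "User $username added to the sudo group successfully."
    else
        echo "Failed to add user $username to the sudo group." >&2
        exit 1
    fi
fi
exit 0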
In the script:
If the user exists, the script checks whether the sudo or wheel group is present in the /etc/group file. grep -q prints nothing, so only its exit status ($?) is used: 0 means the group was found.
grep -qE '^(wheel):' /etc/group
WHEEL=$?
grep -qE '^(sudo):' /etc/group
SUDO=$?
If the group exists, it adds the specified user to that group using the usermod -aG command, granting them sudo privileges.
If the group does not exist, it notifies the user about the absence of the required group. This script offers a streamlined way to add a user to the sudo or wheel group while performing the necessary checks for user existence and group availability.
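if [ "${WHEEL}" == "0" ] ; then
    # Report success only if usermod actually succeeded
    if usermod -aG wheel "$username" &>/dev/null; then
        echo "User $username added to the wheel group successfully."
    else
        echo "Failed to add user $username to the wheel group." >&2
        exit 1
    fi
fi
if [ "${SUDO}" == "0" ] ; then
    if usermod -aG sudo "$username" &>/dev/null; then
        echo "User $username added to the sudo group successfully."
    else
        echo "Failed to add user $username to the sudo group." >&2
        exit 1
    fi
fi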
Script to add user to Custom sudoers file
On most Linux distributions, the /etc/sudoers.d/ directory allows administrators to add custom sudoer configurations. This approach is preferred because it avoids directly modifying the main /etc/sudoers file and is easier to manage.
Let me first show what the output of the script looks like:
$ ./adduser_sudofile.sh
Enter the username: tom
User tom already exists.
User tom added to /etc/sudoers.d/tom file successfully.
Script
#!/bin/bash
# Prompting for the username
read -r -p "Enter the username: " username
# Check if the user already exists
if id "$username" &>/dev/null; then
    echo "User $username already exists."
else
    echo "User $username doesn't exist."
    exit 1
fi
# Create a sudoers.d file for the user
# (NOPASSWD:ALL lets the user run any command as any user without a password prompt)
sudoers_file="/etc/sudoers.d/$username"
echo "$username ALL=(ALL) NOPASSWD:ALL" | sudo tee "$sudoers_file" > /dev/null
# Set proper permissions on the sudoers.d file
sudo chmod 0440 "$sudoers_file"
echo "User $username added to /etc/sudoers.d/$username file successfully."
In the script:
sudoers_file="/etc/sudoers.d/$username"
echo "$username ALL=(ALL) NOPASSWD:ALL" | sudo tee "$sudoers_file" > /dev/null
The commands above create a sudoers.d file for the specified user at /etc/sudoers.d/$username and write the sudo configuration line into it. That line allows the user $username to run any command as any user without a password prompt. The script then sets the file's permissions to 0440.
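The script above writes the rule straight into /etc/sudoers.d/ without a syntax check, and sudo skips drop-in files whose names contain a '.' or end in '~'. The following is an added example, not the article's script, that checks the file name, validates the rule with visudo -cf, and only then renames it into place; the function names and the VISUDO_CMD and SUDOERS_DIR variables are assumptions introduced here so the logic can be exercised without root.

```shell
#!/bin/sh
# Added example, not the article's script. VISUDO_CMD and SUDOERS_DIR are
# hypothetical overrides; by default the real visudo and /etc/sudoers.d are used.
VISUDO_CMD="${VISUDO_CMD:-visudo}"
SUDOERS_DIR="${SUDOERS_DIR:-/etc/sudoers.d}"

# sudo skips drop-in files whose names contain '.' or end in '~', so a
# username such as "john.doe" would produce a rule that is silently ignored.
dropin_name_ok() {
    case "$1" in
        ''|*.*|*'~'|*/*) return 1 ;;
        *) return 0 ;;
    esac
}

# Write the rule to a temp file, validate it, then rename it into place.
install_sudoers_dropin() {
    user="$1"
    rule="$user ALL=(ALL) NOPASSWD:ALL"   # same rule as the article's script
    dropin_name_ok "$user" || { echo "refusing file name '$user'" >&2; return 2; }
    # The temp name contains '.', so sudo ignores it while it is being checked.
    tmp=$(mktemp "$SUDOERS_DIR/.$user.XXXXXX") || return 1
    printf '%s\n' "$rule" > "$tmp"
    chmod 0440 "$tmp"
    # visudo -c is check-only mode; -f selects the file to check.
    if ! "$VISUDO_CMD" -cf "$tmp" >/dev/null 2>&1; then
        rm -f "$tmp"
        echo "syntax check failed, nothing installed" >&2
        return 3
    fi
    # Rename within the same directory, so sudo never sees a half-written file.
    mv -f "$tmp" "$SUDOERS_DIR/$user"
}

# Run as root with the username as the only argument, e.g.: ./script.sh tom
if [ "$#" -eq 1 ]; then install_sudoers_dropin "$1"; fi
```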