How To List All Sudo Users On Ubuntu
On Unix-like operating systems, sudo allows users to run programs with the same security privileges given to the superuser (also known as root, administrator, admin, or supervisor). It originally meant "superuser do" because sudo was invented to run commands only as the superuser on older versions of Linux.
How do you list all the sudo users on a Ubuntu machine?
You can do this using the getent command:
getent group sudo
The output should look something like this:
sudo:x:27:bob,bill
This command queries the /etc/group file in your system and gets each entry that matches sudo.
The output format is as follows:
group:password:GID:user(s)
Here's an explanation for each item:
groupis the name of the given group.passwordis the encrypted group password. If this value is empty, it means there is no password. If the value isx, the password is in the/etc/gshadowfile.GIDis the group ID.users()is a comma-separated list of users that are members of the group. An empty value means there are no users in the group.
If you want to output only the list of usernames and remove the rest of the items, use this command:
getent group sudo | awk -F: '{print $4}'
This will output just the comma-delimited list of users:
bob,bill
Also, you may need to check if a specific user has sudo access or not.
You can do this by using the -l and -U options together in a single command:
sudo -l -U bob
If that user has sudo access, it will print the level of sudo access it has:
User bob may run the following commands on comp:
(ALL : ALL) ALL
If the user doesn't have sudo access, it will output this:
User john is not allowed to run sudo on comp.
There you go! That's how you get a list of all the sudo users on a Ubuntu machine and check if a single user has sudo permissions.
Thanks for reading and happy computing!