Deleting user from sudoer












1















I would like to know the command to remove a user from the sudoer list in Linux. I have added the user using this command:



sudo adduser user_name


and also added it to a group.



I now want to remove the user from the sudoer list. How can I do that?










share|improve this question





























    1















    I would like to know the command to remove a user from the sudoer list in Linux. I have added the user using this command:



    sudo adduser user_name


    and also added it to a group.



    I now want to remove the user from the sudoer list. How can I do that?










    share|improve this question



























      1












      1








      1








      I would like to know the command to remove a user from the sudoer list in Linux. I have added the user using this command:



      sudo adduser user_name


      and also added it to a group.



      I now want to remove the user from the sudoer list. How can I do that?










      share|improve this question
















      I would like to know the command to remove a user from the sudoer list in Linux. I have added the user using this command:



      sudo adduser user_name


      and also added it to a group.



      I now want to remove the user from the sudoer list. How can I do that?







      linux






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jan 11 at 3:48









      Blackwood

      2,88861728




      2,88861728










      asked Jan 11 at 2:35









      user983675user983675

      82




      82






















          2 Answers
          2






          active

          oldest

          votes


















          1














          It may not as straight forward as running a command. There is no sudoerlist - the sudoers file is a list of instructions which can provide users - or groups various permissions. You can edit this file using visudo if you are good with vi. If not, you arguably should not be messing with it, but can probably use nano /etc/sudoers (as root). The sudoers file is usually quite well documented.



          Depending on your OS though, you may not actually need to do this. Most distros have a group, and elevated permissions are granted by simply modifying who has access to what group. You may want to look through the sudoers file to see what group/groups there are - In my ubuntu 16.04 there is an "admin" group and a "sudo" group. "wheel" and "admin" groups are other common ones.



          As the user is probably already a member of a group with sudo access, typing (as root) grep "username" /etc/group" will show a list of groups the user is a member of. To remove the user you can (as root) edit them out of /etc/group or use a command like



          gpasswd -d username groupname


          or



          deluser username groupname





          share|improve this answer


























          • Shouldn’t it be gpasswd?

            – Ramhound
            Jan 11 at 4:06











          • Yes, thank you. Corrected.

            – davidgo
            Jan 11 at 4:10











          • Thanks a lot it works fine :) first command - gpasswd -d username groupname

            – user983675
            Jan 11 at 13:37



















          1














          That command doesn't add the user to the /etc/sudoers file.



          Depending on what group(s) you added the user to, that might grant them access to use sudo. Check group membership for the user with groups username.



          You edit the /etc/sudoers file using the visudo utility - if you don't like vi/vim you can use any other editor by specifying it as an environment variable.



          sudo EDITOR=/bin/nano visudo


          Note that while the file is plain text, it is important to use visudo to edit it because visudo will check the syntax, etc. before actually saving it. With bad syntax, you wouldn't be able to run sudo again to fix it.



          So... check group members for your user, check what groups are allowed sudo access, and check what users are allowed sudo access.



          Contents of a basic /etc/sudoers as distributed by Debian/Ubuntu/etc



          ivan@darkstar:~$ sudo cat /etc/sudoers
          #
          # This file MUST be edited with the 'visudo' command as root.
          #
          # Please consider adding local content in /etc/sudoers.d/ instead of
          # directly modifying this file.
          #
          # See the man page for details on how to write a sudoers file.
          #
          Defaults env_reset
          Defaults mail_badpass
          Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

          # Host alias specification

          # User alias specification

          # Cmnd alias specification

          # User privilege specification
          root ALL=(ALL:ALL) ALL

          # Members of the admin group may gain root privileges
          %admin ALL=(ALL) ALL

          # Allow members of group sudo to execute any command
          %sudo ALL=(ALL:ALL) NOPASSWD:ALL

          # See sudoers(5) for more information on "#include" directives:

          #includedir /etc/sudoers.d





          share|improve this answer
























          • Thanks, but we can delete the user?

            – user983675
            Jan 11 at 12:16











          • @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

            – ivanivan
            Jan 11 at 13:20











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1393001%2fdeleting-user-from-sudoer%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          It may not as straight forward as running a command. There is no sudoerlist - the sudoers file is a list of instructions which can provide users - or groups various permissions. You can edit this file using visudo if you are good with vi. If not, you arguably should not be messing with it, but can probably use nano /etc/sudoers (as root). The sudoers file is usually quite well documented.



          Depending on your OS though, you may not actually need to do this. Most distros have a group, and elevated permissions are granted by simply modifying who has access to what group. You may want to look through the sudoers file to see what group/groups there are - In my ubuntu 16.04 there is an "admin" group and a "sudo" group. "wheel" and "admin" groups are other common ones.



          As the user is probably already a member of a group with sudo access, typing (as root) grep "username" /etc/group" will show a list of groups the user is a member of. To remove the user you can (as root) edit them out of /etc/group or use a command like



          gpasswd -d username groupname


          or



          deluser username groupname





          share|improve this answer


























          • Shouldn’t it be gpasswd?

            – Ramhound
            Jan 11 at 4:06











          • Yes, thank you. Corrected.

            – davidgo
            Jan 11 at 4:10











          • Thanks a lot it works fine :) first command - gpasswd -d username groupname

            – user983675
            Jan 11 at 13:37
















          1














          It may not as straight forward as running a command. There is no sudoerlist - the sudoers file is a list of instructions which can provide users - or groups various permissions. You can edit this file using visudo if you are good with vi. If not, you arguably should not be messing with it, but can probably use nano /etc/sudoers (as root). The sudoers file is usually quite well documented.



          Depending on your OS though, you may not actually need to do this. Most distros have a group, and elevated permissions are granted by simply modifying who has access to what group. You may want to look through the sudoers file to see what group/groups there are - In my ubuntu 16.04 there is an "admin" group and a "sudo" group. "wheel" and "admin" groups are other common ones.



          As the user is probably already a member of a group with sudo access, typing (as root) grep "username" /etc/group" will show a list of groups the user is a member of. To remove the user you can (as root) edit them out of /etc/group or use a command like



          gpasswd -d username groupname


          or



          deluser username groupname





          share|improve this answer


























          • Shouldn’t it be gpasswd?

            – Ramhound
            Jan 11 at 4:06











          • Yes, thank you. Corrected.

            – davidgo
            Jan 11 at 4:10











          • Thanks a lot it works fine :) first command - gpasswd -d username groupname

            – user983675
            Jan 11 at 13:37














          1












          1








          1







          It may not as straight forward as running a command. There is no sudoerlist - the sudoers file is a list of instructions which can provide users - or groups various permissions. You can edit this file using visudo if you are good with vi. If not, you arguably should not be messing with it, but can probably use nano /etc/sudoers (as root). The sudoers file is usually quite well documented.



          Depending on your OS though, you may not actually need to do this. Most distros have a group, and elevated permissions are granted by simply modifying who has access to what group. You may want to look through the sudoers file to see what group/groups there are - In my ubuntu 16.04 there is an "admin" group and a "sudo" group. "wheel" and "admin" groups are other common ones.



          As the user is probably already a member of a group with sudo access, typing (as root) grep "username" /etc/group" will show a list of groups the user is a member of. To remove the user you can (as root) edit them out of /etc/group or use a command like



          gpasswd -d username groupname


          or



          deluser username groupname





          share|improve this answer















          It may not as straight forward as running a command. There is no sudoerlist - the sudoers file is a list of instructions which can provide users - or groups various permissions. You can edit this file using visudo if you are good with vi. If not, you arguably should not be messing with it, but can probably use nano /etc/sudoers (as root). The sudoers file is usually quite well documented.



          Depending on your OS though, you may not actually need to do this. Most distros have a group, and elevated permissions are granted by simply modifying who has access to what group. You may want to look through the sudoers file to see what group/groups there are - In my ubuntu 16.04 there is an "admin" group and a "sudo" group. "wheel" and "admin" groups are other common ones.



          As the user is probably already a member of a group with sudo access, typing (as root) grep "username" /etc/group" will show a list of groups the user is a member of. To remove the user you can (as root) edit them out of /etc/group or use a command like



          gpasswd -d username groupname


          or



          deluser username groupname






          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Jan 11 at 4:09

























          answered Jan 11 at 3:55









          davidgodavidgo

          43.4k75291




          43.4k75291













          • Shouldn’t it be gpasswd?

            – Ramhound
            Jan 11 at 4:06











          • Yes, thank you. Corrected.

            – davidgo
            Jan 11 at 4:10











          • Thanks a lot it works fine :) first command - gpasswd -d username groupname

            – user983675
            Jan 11 at 13:37



















          • Shouldn’t it be gpasswd?

            – Ramhound
            Jan 11 at 4:06











          • Yes, thank you. Corrected.

            – davidgo
            Jan 11 at 4:10











          • Thanks a lot it works fine :) first command - gpasswd -d username groupname

            – user983675
            Jan 11 at 13:37

















          Shouldn’t it be gpasswd?

          – Ramhound
          Jan 11 at 4:06





          Shouldn’t it be gpasswd?

          – Ramhound
          Jan 11 at 4:06













          Yes, thank you. Corrected.

          – davidgo
          Jan 11 at 4:10





          Yes, thank you. Corrected.

          – davidgo
          Jan 11 at 4:10













          Thanks a lot it works fine :) first command - gpasswd -d username groupname

          – user983675
          Jan 11 at 13:37





          Thanks a lot it works fine :) first command - gpasswd -d username groupname

          – user983675
          Jan 11 at 13:37













          1














          That command doesn't add the user to the /etc/sudoers file.



          Depending on what group(s) you added the user to, that might grant them access to use sudo. Check group membership for the user with groups username.



          You edit the /etc/sudoers file using the visudo utility - if you don't like vi/vim you can use any other editor by specifying it as an environment variable.



          sudo EDITOR=/bin/nano visudo


          Note that while the file is plain text, it is important to use visudo to edit it because visudo will check the syntax, etc. before actually saving it. With bad syntax, you wouldn't be able to run sudo again to fix it.



          So... check group members for your user, check what groups are allowed sudo access, and check what users are allowed sudo access.



          Contents of a basic /etc/sudoers as distributed by Debian/Ubuntu/etc



          ivan@darkstar:~$ sudo cat /etc/sudoers
          #
          # This file MUST be edited with the 'visudo' command as root.
          #
          # Please consider adding local content in /etc/sudoers.d/ instead of
          # directly modifying this file.
          #
          # See the man page for details on how to write a sudoers file.
          #
          Defaults env_reset
          Defaults mail_badpass
          Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

          # Host alias specification

          # User alias specification

          # Cmnd alias specification

          # User privilege specification
          root ALL=(ALL:ALL) ALL

          # Members of the admin group may gain root privileges
          %admin ALL=(ALL) ALL

          # Allow members of group sudo to execute any command
          %sudo ALL=(ALL:ALL) NOPASSWD:ALL

          # See sudoers(5) for more information on "#include" directives:

          #includedir /etc/sudoers.d





          share|improve this answer
























          • Thanks, but we can delete the user?

            – user983675
            Jan 11 at 12:16











          • @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

            – ivanivan
            Jan 11 at 13:20
















          1














          That command doesn't add the user to the /etc/sudoers file.



          Depending on what group(s) you added the user to, that might grant them access to use sudo. Check group membership for the user with groups username.



          You edit the /etc/sudoers file using the visudo utility - if you don't like vi/vim you can use any other editor by specifying it as an environment variable.



          sudo EDITOR=/bin/nano visudo


          Note that while the file is plain text, it is important to use visudo to edit it because visudo will check the syntax, etc. before actually saving it. With bad syntax, you wouldn't be able to run sudo again to fix it.



          So... check group members for your user, check what groups are allowed sudo access, and check what users are allowed sudo access.



          Contents of a basic /etc/sudoers as distributed by Debian/Ubuntu/etc



          ivan@darkstar:~$ sudo cat /etc/sudoers
          #
          # This file MUST be edited with the 'visudo' command as root.
          #
          # Please consider adding local content in /etc/sudoers.d/ instead of
          # directly modifying this file.
          #
          # See the man page for details on how to write a sudoers file.
          #
          Defaults env_reset
          Defaults mail_badpass
          Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

          # Host alias specification

          # User alias specification

          # Cmnd alias specification

          # User privilege specification
          root ALL=(ALL:ALL) ALL

          # Members of the admin group may gain root privileges
          %admin ALL=(ALL) ALL

          # Allow members of group sudo to execute any command
          %sudo ALL=(ALL:ALL) NOPASSWD:ALL

          # See sudoers(5) for more information on "#include" directives:

          #includedir /etc/sudoers.d





          share|improve this answer
























          • Thanks, but we can delete the user?

            – user983675
            Jan 11 at 12:16











          • @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

            – ivanivan
            Jan 11 at 13:20














          1












          1








          1







          That command doesn't add the user to the /etc/sudoers file.



          Depending on what group(s) you added the user to, that might grant them access to use sudo. Check group membership for the user with groups username.



          You edit the /etc/sudoers file using the visudo utility - if you don't like vi/vim you can use any other editor by specifying it as an environment variable.



          sudo EDITOR=/bin/nano visudo


          Note that while the file is plain text, it is important to use visudo to edit it because visudo will check the syntax, etc. before actually saving it. With bad syntax, you wouldn't be able to run sudo again to fix it.



          So... check group members for your user, check what groups are allowed sudo access, and check what users are allowed sudo access.



          Contents of a basic /etc/sudoers as distributed by Debian/Ubuntu/etc



          ivan@darkstar:~$ sudo cat /etc/sudoers
          #
          # This file MUST be edited with the 'visudo' command as root.
          #
          # Please consider adding local content in /etc/sudoers.d/ instead of
          # directly modifying this file.
          #
          # See the man page for details on how to write a sudoers file.
          #
          Defaults env_reset
          Defaults mail_badpass
          Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

          # Host alias specification

          # User alias specification

          # Cmnd alias specification

          # User privilege specification
          root ALL=(ALL:ALL) ALL

          # Members of the admin group may gain root privileges
          %admin ALL=(ALL) ALL

          # Allow members of group sudo to execute any command
          %sudo ALL=(ALL:ALL) NOPASSWD:ALL

          # See sudoers(5) for more information on "#include" directives:

          #includedir /etc/sudoers.d





          share|improve this answer













          That command doesn't add the user to the /etc/sudoers file.



          Depending on what group(s) you added the user to, that might grant them access to use sudo. Check group membership for the user with groups username.



          You edit the /etc/sudoers file using the visudo utility - if you don't like vi/vim you can use any other editor by specifying it as an environment variable.



          sudo EDITOR=/bin/nano visudo


          Note that while the file is plain text, it is important to use visudo to edit it because visudo will check the syntax, etc. before actually saving it. With bad syntax, you wouldn't be able to run sudo again to fix it.



          So... check group members for your user, check what groups are allowed sudo access, and check what users are allowed sudo access.



          Contents of a basic /etc/sudoers as distributed by Debian/Ubuntu/etc



          ivan@darkstar:~$ sudo cat /etc/sudoers
          #
          # This file MUST be edited with the 'visudo' command as root.
          #
          # Please consider adding local content in /etc/sudoers.d/ instead of
          # directly modifying this file.
          #
          # See the man page for details on how to write a sudoers file.
          #
          Defaults env_reset
          Defaults mail_badpass
          Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

          # Host alias specification

          # User alias specification

          # Cmnd alias specification

          # User privilege specification
          root ALL=(ALL:ALL) ALL

          # Members of the admin group may gain root privileges
          %admin ALL=(ALL) ALL

          # Allow members of group sudo to execute any command
          %sudo ALL=(ALL:ALL) NOPASSWD:ALL

          # See sudoers(5) for more information on "#include" directives:

          #includedir /etc/sudoers.d






          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Jan 11 at 3:59









          ivanivanivanivan

          1,20917




          1,20917













          • Thanks, but we can delete the user?

            – user983675
            Jan 11 at 12:16











          • @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

            – ivanivan
            Jan 11 at 13:20



















          • Thanks, but we can delete the user?

            – user983675
            Jan 11 at 12:16











          • @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

            – ivanivan
            Jan 11 at 13:20

















          Thanks, but we can delete the user?

          – user983675
          Jan 11 at 12:16





          Thanks, but we can delete the user?

          – user983675
          Jan 11 at 12:16













          @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

          – ivanivan
          Jan 11 at 13:20





          @user983675 - sure. deluser username or userdel username with some options. Check man pages for each, decide which is appropriate. Might want to do some reading on managing users and groups on a *nix system - linode.com/docs/tools-reference/linux-users-and-groups

          – ivanivan
          Jan 11 at 13:20


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1393001%2fdeleting-user-from-sudoer%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          How to make a Squid Proxy server?

          Is this a new Fibonacci Identity?

          19世紀