Adding users to sudoers through shell script


Solution 1

You could simply echo (with elevated privileges, of course) directly to the /etc/sudoers file:

sudo -i
echo 'nickw444  ALL=(ALL:ALL) ALL' >> /etc/sudoers
#             ^^
#             tab

(note the tab character between the username and the first ALL)

Or, for a script:

#!/bin/bash
# Run me with superuser privileges
echo 'nickw444  ALL=(ALL:ALL) ALL' >> /etc/sudoers

Then save to somefile.sh, chmod a+rx it, and run sudo ./somefile.sh from a terminal window.

To add multiple users, change the script to this:

#!/bin/bash

while [[ -n $1 ]]; do
    echo "$1    ALL=(ALL:ALL) ALL" >> /etc/sudoers;
    shift # shift all parameters;
done

Then, run the script like this (assuming you saved it as addsudousers.sh):

sudo ./addsudousers.sh bob joe jeff

that is, space-separated.

To read the names from a file:

nickw444@laptop ~ $ sudo ./addsudousers.sh `cat listofusers.txt`

listofusers.txt should also be space-separated.

Edit: Jappie Kirk rightly points out that you can't directly call sudo echo ... >> /etc/sudoers because the >> redirection is handled by the shell, which has by that point dropped the superuser privileges. However, if you run a script that contains echo ... >> /etc/sudoers and the script itself has superuser privileges, everything should work just fine.
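
As an added example (not code from any answer on this page), here is a variant of the multi-user script that treats each argument as untrusted input, writes one drop-in file per user instead of appending to /etc/sudoers, skips users that already have an entry, and installs a file only after visudo -cf accepts it. It assumes the main sudoers file includes /etc/sudoers.d; add_sudoer, SUDOERS_DIR, SUDOERS_CHECK and the 90- file prefix are names chosen for this example.

```bash
#!/bin/bash
# Added example, not from the answers. Run as root. Assumes the main sudoers
# file includes a drop-in directory (commonly /etc/sudoers.d) and that
# visudo is installed; both variables are overridable for a dry run.
export LC_ALL=C   # make the character ranges below byte-exact
SUDOERS_DIR="${SUDOERS_DIR:-/etc/sudoers.d}"
SUDOERS_CHECK="${SUDOERS_CHECK:-visudo -cf}"

add_sudoer() {
    local user="$1" target tmp
    # Accept only plain account names. Whitespace, commas, '#', '%' or a
    # newline in the argument would otherwise be written out as sudoers
    # syntax; '.' is refused because sudo skips drop-in files containing one.
    case "$user" in
        ''|-*|*[!A-Za-z0-9_-]*)
            echo "refusing invalid user name" >&2
            return 2 ;;
    esac
    target="$SUDOERS_DIR/90-$user"
    # Idempotent: a user who already has a drop-in is left untouched.
    if [ -e "$target" ]; then
        echo "$user already has a sudoers entry" >&2
        return 0
    fi
    # The temp name starts with '.', so sudo ignores it while it is checked.
    tmp="$(mktemp "$SUDOERS_DIR/.tmp-XXXXXX")" || return 1
    printf '%s\tALL=(ALL:ALL) ALL\n' "$user" > "$tmp"
    chmod 0440 "$tmp"
    # Syntax-check before installing: one bad line can disable sudo for all.
    if ! $SUDOERS_CHECK "$tmp" > /dev/null; then
        rm -f "$tmp"
        echo "syntax check failed for $user" >&2
        return 1
    fi
    mv "$tmp" "$target"   # rename within one directory is atomic
}

# Usage: sudo ./addsudousers.sh bob joe jeff
for u in "$@"; do
    add_sudoer "$u" || exit $?
done
```

Revoking access later means deleting that user's file from the drop-in directory; /etc/sudoers itself is never modified.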

Solution 2

No, a straight echo won't work, you have to run it in a subshell. Try this instead:

sudo sh -c "echo \"group ALL=(user) NOPASSWD: ALL\" >> /etc/sudoers"

Solution 3

There is also the sudo group, and you could add users to it (for common configurations of /etc/sudoers)

adduser [username] sudo

Solution 4

On RedHat-based distributions, use:

su - root

and enter your password, then:

echo 'YOURUSERNAME ALL=(ALL:ALL) ALL' >> /etc/sudoers

to add the user to the sudoers file.

Solution 5

In order to grant a user sudo permission in a shell script (Unix/Linux), use the usermod function:

sudo usermod -aG sudo <userName>

example:

sudo usermod -aG sudo johnDoe

For verification, use the groups function (which shows the group membership) and verify the sudo group is under the right user.

groups <userName>

example:

groups johnDoe
#!johnDoe: johnDoe sudo

Explanation from the Linux documentation:

The usermod command modifies the system account files to reflect the changes that are specified on the command line.

-a, --append

Add the user to the supplementary group(s). Use only with the -G option.

-G, --groups GROUP1[,GROUP2,...[,GROUPN]]]

A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option. If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the -a option, which appends the user to the current supplementary group list.

Author: nickw444

Updated on April 21, 2020

Comments

  • nickw444
    nickw444 about 4 years

    Is it possible to add users to the sudoers file through a shell script? I've been looking around, still can't find anything.

  • Programster
    Programster almost 10 years
    alternatively, use tee like so: echo "$MY_USER ALL=(ALL:ALL) ALL" | sudo tee --append /etc/sudoers
  • pylover
    pylover over 8 years
    That's it, the 0440 permission of the sudoers file prevents doing that
  • Ray Foss
    Ray Foss about 5 years
    This worked to recover a machine with a dead OpenSSH server on GCP/GCE, using the serial console. Only catch is there had to be an account with password to begin with.
  • alper
    alper about 3 years
    Could we have a check mechanism for if the user is already added?