Home FAQ How To Find All Sudo Users In Linux
Find All Sudo Users in linux

How To Find All Sudo Users In Linux

By sk
10624 Views

As a Linux administrator, you must know how to add, delete and grant sudo privileges to users. Sometimes you might have given temporary sudo access to a normal user to install a software or do certain administrative task on his/her own. Over the time, we might forget to revoke the sudo privileges. So, it is good practice to check how many super users are in your Linux system from time to time. If there are any forgotten or unwanted sudo access, you can simply revoke them. This brief guide explains how to find all sudo users in Linux and Unix-like operating systems.

Find All Sudo Users In Linux

Let us first list all users in the system. To do so, run:

$ awk -F':' '{ print $1}' /etc/passwd

Sample output from my Ubuntu system:

root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
gnats
nobody
systemd-timesync
systemd-network
systemd-resolve
systemd-bus-proxy
syslog
_apt
lxd
messagebus
uuidd
dnsmasq
sshd
sk
senthil
kumar
ostechnix

Another way to list all users in a Linux system is:

$ compgen -u

Now let us find only the sudo or super users in our Linux system with command:

$ grep '^sudo:.*$' /etc/group | cut -d: -f4
sk,ostechnix

You can also use "getent" command instead of "grep" to get the same result.

$ getent group sudo | cut -d: -f4
sk,ostechnix

As you see in the above output, "sk" and "ostechnix" are the sudo users in my system.

Find if an user has sudo privileges

We know now how to find all sudo users in our Linux system. How to find whether a certain user has sudo privilege or not? That's easy!

To find if an user is sudo user, simply run

$ sudo -l -U sk

Sample output:

Matching Defaults entries for sk on ubuntuserver:
 env_reset, mail_badpass,
 secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User sk may run the following commands on ubuntuserver:
 (ALL : ALL) ALL

As you see, the user named "sk" can perform all commands. So, he is in the sudo group.

Let us check another user.

$ sudo -l -U senthil

Sample output:

User senthil is not allowed to run sudo on ubuntuserver.

Well, the user "senthil" is not allowed to run sudo. He is just a normal user!

We can also find if an user has sudo access by running the following command:

$ sudo -nv

If you get nothing as output, the user has sudo access.

If you see an output like below, then the user doesn't has sudo access.

$ sudo -nv
Sorry, user senthil may not run sudo on ubuntuserver.

Suggested read:


Thanks for stopping by!

Help us to help you:

Have a Good day!!

You May Also Like

1 comment

Arnab Ghosh February 11, 2019 - 1:22 pm

Thanks a lot! “compgen -u” did it for me!

Reply

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More