User Management Task: Managing Sudo Access

Goal

Grant limited and auditable admin rights using sudo.

View Current Sudoers

sudo getent group sudo
sudo getent group wheel

Safely Edit Sudoers

visudo

Grant Specific Permissions

username ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart nginx

Add to Sudo Group

usermod -aG wheel username

Best Practices

• Avoid full NOPASSWD access
• Use specific command bindings when possible

Tools

• visudo, /etc/sudoers, /etc/sudoers.d/, groups