Serving SUDO privileges in the wrong hand might disrupt your Linux system with unusual packages and applications.
We often follow the same standard method while creating a new user account for someone, like creating an account using adduser
or useradd
and then giving them sudo permission with the help of the usermod
command.
In performing these steps, you might give less attention to the sudo command while assigning to the user, which may be unnecessary and can lead you to conflicts with that user’s actions.
Today we will guide you to the steps required to perform while revoking sudo privileges from users in the Linux system.
Table of Contents
Step 1: Find out the user before taking out sudo privileges
There are multiple ways to find out users in the Linux system. We will show you two different ways to find out users in your Linux system.
1. Reading passwd file (Recommended)
The first way to find out the user created in your system is by exploring the system level passwd file.
The default location for this file is “/etc/passwd” in all Linux distributions. With the help of cat or less commands, you can read the content of this file.
$ less /etc/passwd
After executing the above command below output will be generated.
As you can see above, you were getting users with some unnecessary information. Use the below command to filter out users from the passwd file using the awk command.
$ awk -F ":" '{print $1}' /etc/passwd
After executing the above command below output will be generated.
With the help of the above output, find out the users who don’t deserve sudo privileges.
2. Find user home directories
This is not an appropriate method, but still, you can use this method to find out the list of users having home directories in your Linux system using the below command.
Note: If user is created using useradd command, will not generate their home directory.
$ ls /home/
After executing the above command below output will be generated.
Step 2: Checking assigned group to user
Generally, we are adding users to the sudo group while giving them sudo privileges. Once you find out the users, the next step will be to check the given groups to that user.
In my case, the test user is the demo user assigned to the sudo group whose access to sudo should be revoked. Let us find out if it is added in the sudo group or not using the below command.
$ groups test
After executing the above command below output will be generated.
As you can see from the above output, the test user is added to the sudo group. So, any system command with sudo privileges can be executed by that user.
Step 3: Removing SUDO privileges from users in Linux
We have to remove that user from the SUDO group to prevent them from executing the system-level command in your Linux system using sudo command. Once you find out the list of users with sudo privileges, you can easily remove them using the below command.
Warning: Ensure you are a sudo user or root user while removing users from sudo group in your Linux system.
$ sudo deluser test sudo
Removing user `test' from group `sudo' ...
Done.
Replace “test” with your user whom you want to revoke sudo privileges. After executing the above command test, the user will be removed from the sudo group.
You can check if the SUDO group is assigned to a user or not from step 2.
Innovative tech mind with 12 years of experience working as a computer programmer, web developer, and security researcher. Capable of working with a variety of technology and software solutions, and managing databases.