Revoke Users SUDO privileges in Linux

Serving SUDO privileges in the wrong hand might disrupt your Linux system with unusual packages and applications.

We often follow the same standard method while creating a new user account for someone, like creating an account using adduser or useradd and then giving them sudo permission with the help of the usermod command.

In performing these steps, you might give less attention to the sudo command while assigning to the user, which may be unnecessary and can lead you to conflicts with that user’s actions.

Today we will guide you to the steps required to perform while revoking sudo privileges from users in the Linux system.

Step 1: Find out the user before taking out sudo privileges

There are multiple ways to find out users in the Linux system. We will show you two different ways to find out users in your Linux system.

The first way to find out the user created in your system is by exploring the system level passwd file.

The default location for this file is “/etc/passwd” in all Linux distributions. With the help of cat or less commands, you can read the content of this file.

$ less /etc/passwd

After executing the above command below output will be generated.

Content of the passwd file
Content of the passwd file

As you can see above, you were getting users with some unnecessary information. Use the below command to filter out users from the passwd file using the awk command.

$ awk -F ":" '{print $1}' /etc/passwd

After executing the above command below output will be generated.

FIltering users using awk command
FIltering users using awk command

With the help of the above output, find out the users who don’t deserve sudo privileges.

2. Find user home directories

This is not an appropriate method, but still, you can use this method to find out the list of users having home directories in your Linux system using the below command.

Note: If user is created using useradd command, will not generate their home directory.

$ ls /home/

After executing the above command below output will be generated.

Finding users home directories
Finding users home directories

Step 2: Checking assigned group to user

Generally, we are adding users to the sudo group while giving them sudo privileges. Once you find out the users, the next step will be to check the given groups to that user.

In my case, the test user is the demo user assigned to the sudo group whose access to sudo should be revoked. Let us find out if it is added in the sudo group or not using the below command.

$ groups test

After executing the above command below output will be generated.

Finding list of groups assigned to user
Finding the list of groups assigned to the user

As you can see from the above output, the test user is added to the sudo group. So, any system command with sudo privileges can be executed by that user.

Step 3: Removing SUDO privileges from users in Linux

We have to remove that user from the SUDO group to prevent them from executing the system-level command in your Linux system using sudo command. Once you find out the list of users with sudo privileges, you can easily remove them using the below command.

Warning: Ensure you are a sudo user or root user while removing users from sudo group in your Linux system.

$ sudo deluser test sudo
Removing user `test' from group `sudo' ...
Done.

Replace “test” with your user whom you want to revoke sudo privileges. After executing the above command test, the user will be removed from the sudo group.

You can check if the SUDO group is assigned to a user or not from step 2.

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments