Why and How to Edit Your Sudoers File in Linux

Within your Linux or macOS system, there’s a file called “sudoers” which controls the deepest levels of your permissions system. It permits or denies users from gaining super-user access and holds some special preferences for sudo.

What is the sudoers file?

The sudoers file is a text file that lives at “/etc/sudoers.” It controls how sudo works on your machine. You are probably familiar with sudo’s primary role of elevating your current account’s privileges to root, the superuser on all Unix-based systems. This permits your users to execute commands that would be otherwise prohibited.

When do I need to edit the sudoers file?

When you first install Linux (or macOS), the first and default user will be auto-added to the sudoers file so it can run administrative tasks with the sudo command. However, if you create a new user account, it will not have the superuser permission by default. If you need to grant it superuser permission, you will need to edit the sudoers file and add this user account to it.

How can I edit sudoers?

Never edit the sudoers file in a normal text editor. This can lead to simultaneous editing and corrupted files, potentially denying any admin access. Sudoers must be edited by running visudo in Terminal, like so:


Note that you need to use sudo to run visudo. This will open the sudoers file in the default text editor in Terminal (by default, nano).


What can changing the sudoers file do?

The sudoers file’s main job is defining which users can use sudo for what. It also holds some simple preferences, which we can adjust first to get a feel for how visudo works.

Change the sudo timeout

By default, entering your sudo password elevates your permissions until you close the shell or exit. This can be insecure, and some might prefer entering their password each time they use sudo.

1. Run sudo visudo as mentioned above.

2. Press Alt + / to navigate to the end of the document. If you are using Vi or Vim, press Shift + G instead.


3. Create a new line at the bottom of the document and add the following line:


This will set your sudo timeout to zero seconds, so you’ll have sudo permissions for zero seconds after you execute the first command. If you prefer a different interval, enter that value in seconds instead.

You can also set the timeout to “-1,” which gives you an infinite grace period. Don’t do that. It’s a handy way to accidentally nuke your system one day.

4. Press Ctrl + o to save and Ctrl + x to exit.

Limit who can use sudo and for what

The main purpose of the sudoers file is to control which users can run sudo. Without sudo, users can’t elevate their permissions. If you have multiple users accessing the same system through shells, you can control their access by setting values in sudo.

Every sudoers file will have the following line:

This permits the root user on ALL hosts using ALL users to execute ALL commands. ALL is a special value in the sudoers file meaning “no restrictions.” The syntax is as below:

If you want to add another user as root, simply copy the root line and change the user like so:

For more control, you could add a line like the following, which would only permit the “alexander” user to run apt-get update.

Put a “%” in front of the user, and it will define a group. The line below would allow every user in the group “admin” to have root-level permissions. This would be the group as defined by your OS permission groups.

Change the visudo editor

Depending on what version of Linux you’re running, there are two primary ways to change the editor.

For Ubuntu, you’ll want to run the Terminal command below:

You’ll see something like the following:

If you wanted to select vim as your visudo editor from the default of nano, you would press its selection number 3 then press Enter.

For other flavors of Linux, you’ll want to add a new line to your “~./bashrc” file as seen below:

Then save out the file. That would set your visudo editor to vim.


The sudoers file isn’t something you’ll typically need to mess with on single user systems. But system administrators will have more than enough reason to explore its inner workings.

Alexander Fox Alexander Fox

Alexander Fox is a tech and science writer based in Philadelphia, PA with one cat, three Macs and more USB cables than he could ever use.


  1. Is the “sudoers” file a feature of the kernel or of individual distros? I use PCLinuxOS and there is no “sudoers” file present.

      1. I get “sudo – command not found” and my package manager does show ‘sudo’ as not installed.
        When I run ‘visudo’ as root, a blank sudoers file is opened up.

        In my years of using Linux, I have rarely used the ‘sudo’ command. I prefer to log in explicitly as root to perform any admin tasks.

        1. You can also run “su” instead of “sudo” which should be on every distro. You’ll run those as two separate commands: type “su”, press Enter, type password, run “visudo” from the root shell. You can also log in to root and then run visudo, if that’s a workflow you’re more familiar with.

    1. Do you have the “sudo” package installed? You may have to install “sudo” first. If that is the case, you may have to also add yourself to the “sudoers” file (as per above), or add yourself to the “wheel” group (most common I think.) For all of the above you will need to use “su” to operate as Root until you have sudo access. Once you wrap your head around it, it should make more sense!

  2. I am the only one that uses and will ever use my computer. Is there any reason for me to edit the sudoers file?

    1. On single user systems like your own, there isn’t much reason to adjust the sudoers file. You’re correct in assessing that the sudoers file is primarily for managing multiple users on the same computer.

  3. Is there a way for me to get a PDF version of this article? I liked it, and would like to keep a reference to it for future use. (Why and How to Edit Your Sudoers File in Linux)


    1. There’s a great tool out there called Print Friendly. You can use the website, but I have a browser extension. It saves websites as easy-to-print PDFs with adds and extra images removed. It also gives you a lot of control over what pages elements get removed.

      SITE: https://www.printfriendly.com/

  4. Isn’t sudo installed by default on ALL Linux distros?….or is it just Debian/Ubuntu flavors?….(I’ve never seen or used sudo on my Fedora or CEntOS machines…..nor my OpenSuSE box, just the Linux Mint laptop I have)…..I would think that just like “X11″…..”crond”…..cups or modprobe, these would be involved with a standard, plain-vanilla installation of any Linux distro. At least that was my understanding?…

    1. “Isn’t sudo installed by default on ALL Linux distros?”
      Apparently not. I use PCLinuxOS and ‘sudo’ is not installed by default but iy is available for installation from the repos. However, PCLOS allows explicit root login so sudo is not required for performing admin tasks.

Comments are closed.