visudo tutorial

visudo is a tool for safely updating the /etc/sudoers file, found in most Linux systems (Ubuntu for example).

Here's what the Ubuntu man page says about it, I think it's a great summary:

visudo edits the sudoers file in a safe fashion, analogous to vipw(8). visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the sudoers file is currently being edited you will receive a message to try again later.

Attention: due to the sensitive content of the /etc/sudoers file, you can only run visudo as root.

Using visudo to edit the /etc/sudoers

This is the default behavior of the visudo command: simply run it without any parameters, and it will open the contents of the /etc/sudoers file in a vi editor, allow you to edit it, and will then apply the changes.

The reason I'm highlighting the fact of applying the changes is because vi session will not be editing the actual /etc/sudoers file, but a temporary copy of it created by visudo. After you make the changes and exit the vi, visudo will do the syntax checks on the file before replacing the actual /etc/sudoers file.

Hint: if you're using a different text editor, you can easily override it by setting the EDITOR variable in your shell, visudo is intelligent enough to respect it and use the specified editor.

Using visudo to check the /etc/sudoers syntax

Sometimes you don't want to update the file using this command, but would like to verify that the syntax of /etc/sudoers is correct. That's when the -c option for visudo comes in:

root@ubuntu:~# visudo -c
/etc/sudoers file parsed OK

See also:

  • Pingback: sudo tutorial | UNIX Tutorial: Learn UNIX()

  • How do I update the /etc/sudoers file, so that any commands run by my users have the same permissions as root?

    I don't care about security it's a development machine and security tests are not envisaged to take place.