Why the primary user can use the sudo command if he does not appear in the /etc/sudoers file?

Hello friends

When Fedora Workstation is being installed is requested create a primary user, let’s named as tron

Once installed the OS is possible later do updates in the system through the sudo dnf update command and related. The point is that the sudo command can be used

Through VirtualBox was installed Debian 12 as Desktop where is requested the root and primary users. I’ve confirmed that the primary user can not use the sudo command.

If is need it that the primary user can use the sudo command as in Fedora. So after to watch some videos in YouTube is mandatory add the user in the /etc/sudoers file as follows:

root	ALL=(ALL:ALL) ALL
tron	ALL=(ALL:ALL) ALL

Of course, the root account can be logged through the su -l root command

Just being curious I assumed that in Fedora in the /etc/sudoers file was already added throughout the OS installation the tron ALL=(ALL:ALL) ALL line but it is not the case.

Question

  • Why the primary user can use the sudo command if he does not appear in the /etc/sudoers file?

A user created with administrative privileges will be added to the wheel group. That group does exist in the /etc/sudoers file.

2 Likes

That is one of the differences between Debian based OS’s and RHEL OS’s
While the first uses the sudo group, second uses the wheel group as @ernie-07 mentioned

## Allows people in group wheel to run all commands
%wheel	ALL=(ALL)	ALL

## Same thing without a password
# %wheel	ALL=(ALL)	NOPASSWD: ALL

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d

Good practice in Fedora is that you not edit the sudoers file but instead use the /etc/sudoers.d directory to create a user specific file. This way you can save this with the users .dot files.

To check this on any Linux, as a superuser, just use the groups command

3 Likes

The first user added becomes the administrator and is part of the wheel group.
You should see this

$ sudo grep wheel /etc/sudoers
## Allows people in group wheel to run all commands
%wheel	ALL=(ALL)	ALL
# %wheel	ALL=(ALL)	NOPASSWD: ALL

and

$ groups
USER wheel 
1 Like

Thanks to all for the polite support

1 Like