Understanding RPM Package Management Tutorial

Author Name: Chris Negus

08/31/2012

OVERVIEW
Red Hat Enterprise Linux, Fedora, and many other Linux distributions group their software together in
packages using what is referred to as RPM Package Manager (RPM). The "R" in RPM originally stood for
"Red Hat" but changed a few years ago to the recursive "RPM" to reflect the fact that other Linux
distributions besides Red Hat use this packaging system. If you are new to administering systems that use
RPM packaging, it is important that you understand what RPM packages are and how you work with them.
Using this tech brief as a tutorial you can learn about RPM packages and the commands for working with
those packages. The tech brief covers the following topics:
• What are RPM packages?
• How do you use the rpm command to install and query RPM packages on your local system?
• How do you use the yum command to download, install and otherwise manage RPM packages from
YUM software repositories?

WHAT ARE RPM PACKAGES?

When Linux was first created, most of the software used in Linux systems was passed around in tarballs. A
tarball is a single archive file (created using the tar command) that can contain multiple files. So, a software
project that created a Web server or a word processor application might gather up the files needed to make
their application work, then distribute a tarball of those files to those who wanted to install the application. A
user would untar the tarball and begin using the application. This approach had several disadvantages:
• Hard to manage. Once you installed the tarball, there was no way to manage the software. It would
be hard to know which version of the software you had. Because files could be spread across your file
system, it could be difficult to remove the software or upgrade it.
• Dependencies. If an application depended on other software being installed, it could be a manual
process to be sure that dependent software was in place and to keep that software up to date as well.
RPM packaging set out to solve the software management problem by packaging metadata along with the
software for an application. That metadata includes version numbers, the list of files in the package, a
description of the package, information about the packager, and many other items. The metadata can also
include dependencies (other software the package needs to work) and scripts (to run commands to do such
things as create directories, add a user account, or turn on a service).
At first, the rpm command was the primary tool created to install and manage RPM packages. Now the yum
command and related yum repositories and software channels have supplanted most (but not all) direct
uses of the rpm command. On top of yum, there are now graphical tools (such as PackageKit) and
automated update tools for further simplifying RPM package installation and management.
If you currently have a Red Hat Enterprise Linux installed, the best way to learn about RPM packages is to
download one and investigate it yourself. The following sections help you do that.

Understanding RPM Packages | Chris Negus 1

INVESTIGATING RPM PACKAGES
You can learn something about RPM packages by simply getting an RPM package and investigating it.
Assuming you have a Red Hat Enterprise Linux system to work from, here are two ways you can get an
RPM package to begin following along:
• Download a package: If you have a Red Hat Enterprise Linux system available that is registered with
Red Hat Network, you can use the yumdownloader command to get a package. For example, type
the following as root from a shell.
# yumdownloader amanda-2*

• Get a RHEL installation DVD: If you have a Red Hat Enterprise Linux installation DVD, insert it and
wait for it to automatically mount. Then open a shell and change to the Packages directory on the
DVD (for example, cd /media/RHEL*/Packages).
For RHEL 6.3, the package name is amanda-2.6.1p2-7.el6.x86_64.rpm (the package you get may be
different, as later versions are released or if you have a different type of computer). Just from the name, you
can tell a lot about the package. Figure 1 illustrates the different parts of the amanda RPM package:

Figure 1: Breakdown of RPM package naming

The basename of the package just shown is amanda. After that, the version number (2.6.1p2) is the version
assigned by the Amanda project (http://amanda.org), which tells us that the version number is 2.6.1, patch
level 2. The release information (7.el6) is added by the packager (in this case, Red Hat). The release shows
that this version of the package has been released 7 times (probably for bug fixes) and is associated with
Red Hat Enterprise Linux 6 (el6). This particular package was built for 64-bit PC-type architecture (x86_64).

USING THE RPM COMMAND

With the package in your current directory, you can investigate it in various ways before you install it.
Although the yum command is generally preferred for installing and removing packages (more on that later),
the rpm command is still the best choice for:

• Querying a package (if the package is on your local file system or after the package is installed)
• Validating a package (checking a package has not been tampered with, before or after installation).
To query package, use the -q option to the rpm command, along with an indication of what you want to
query. To query a package before it is installed, add the -p option along with the package name as an
argument.

Understanding RPM Packages | Chris Negus 2

To see information about the amanda package in your current directory, add the -i option to the rpm -qp
command line as follows:

# rpm -qpi amanda-2.6.1p2-7.el6.x86_64.rpm

Name : amanda Relocations: (not relocatable)

Version : 2.6.1p2 Vendor: Red Hat, Inc.
Release : 7.el6 Build Date: Wed 23 Jun 2010 07:39:33 AM EDT
Install Date: (not installed) Build Host: x86-007.build.bos.redhat.com
Group : Applications/System Source RPM: amanda-2.6.1p2-7.el6.src.rpm
Size : 1816241 License: BSD and LGPLv2 and GPLv3+ and GPLv2
Signature: RSA/8, Mon 16 Aug 2010 11:21:56 AM EDT, Key ID 199e2f91fd431d51
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL : http://www.amanda.org
Summary : A network-capable tape backup solution
Description :
AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system
that allows the administrator of a LAN to set up a single master backup server to
back up multiple hosts to one or more tape drives or disk files. AMANDA uses
native dump and/or GNU tar facilities and can back up a large number of
workstations running multiple versions of Unix. Newer versions of AMANDA
(including this version) can use SAMBA to back up Microsoft(TM) Windows95/NT
hosts.

The amanda package contains the core AMANDA programs and will need to be installed
on both AMANDA clients and AMANDA servers. Note that you will have to install the
amanda-client and/or amanda-server packages as well.

You can read the Summary and Description to see what the package is used for. The URL identifies the web
site for the project (http://www.amanda.org). You can also see who created the RPM from this software (Red
Hat), as well as when and where the software was built. The Signature line shows that the package was
signed. This means that, if you have the public key associated with the private key used to sign the RPM,
you can check whether or not the package has been tampered with.
Now that you know basically what the package is for, use the following command to see what files the
package contains. First try the -l option to list the files the package contains:

# rpm -qpl amanda-2.6.1p2-7.el6.x86_64.rpm

/etc/amanda
/etc/amanda/DailySet1
/etc/xinetd.d/amanda
/usr/lib64/amanda
/usr/lib64/amanda/amanda-sh-lib.sh
/usr/lib64/amanda/chg-glue
...

The listing of files is shortened to save space. The full output shows that the package contains configuration
files, scripts use with amanda, and documentation. You can list some of that information separately. Here's
how to list configuration files in the amanda package:

# rpm -qpc amanda-2.6.1p2-7.el6.x86_64.rpm

/etc/xinetd.d/amanda
/var/lib/amanda/.amandahosts

To see documentation in the amanda package, type the following:

Understanding RPM Packages | Chris Negus 3

Copyright © 2012 Red Hat, Inc. “Red Hat,” Red Hat Linux, the Red Hat “Shadowman” logo, and the products www.redhat.com
listed are trademarks of Red Hat, Inc., registered in the U.S. and other countries. Linux® is the registered
trademark of Linus Torvalds in the U.S. and other countries.
# rpm -qpd amanda-2.6.1p2-7.el6.x86_64.rpm
/usr/share/doc/amanda-2.6.1p2/COPYRIGHT
/usr/share/doc/amanda-2.6.1p2/NEWS |
/usr/share/doc/amanda-2.6.1p2/README
/usr/share/doc/amanda-2.6.1p2/README-rpm
/usr/share/man/man5/amanda-archive-format.5.gz
/usr/share/man/man5/amanda.conf.5.gz
/usr/share/man/man7/amanda-auth.7.gz
/usr/share/man/man7/amanda-scripts.7.gz
/usr/share/man/man8/amarchiver.8.gz
/usr/share/man/man8/amrestore.8.gz

To see changes and bug fixes associated with the package, type the following:

# rpm -qp --changelog amanda-2.6.1p2-7.el6.x86_64.rpm

* Wed Jun 23 2010 Jan Görig <[email protected]> 2.6.1p2-7
- added amoldrecover description to amrecover man page
- Resolves: #593775

* Fri May 28 2010 Jan Görig <[email protected]> 2.6.1p2-6

- removed non existing -k option from amfetchdump help
- Resolves: #596050

One thing you can do with the rpm command is check that the package itself is valid and not corrupted.
Because amanda is part of the base Red Hat Enterprise Linux system, the package is signed and can be
checked against a public key that should already be imported on your system. (For packages that you get
from other organizations, you might need to import additional keys to check the validity of packages.)
The following command shows how to validate the amanda package (assuming the public key for the key
used to sign the package has been imported and the amanda package is in your current directory):

# rpm -qp --checksig amanda-2.6.1p2-7.el6.x86_64.rpm

amanda-2.6.1p2-7.el6.x86_64.rpm: rsa sha1 (md5) pgp md5 OK

From the rpm output, you can see the package listed as OK. I modified the package file (without modifying
the payload) and ran the command again. As you can see below, the package is NOT OK as it now stands:

# rpm -qp --checksig amanda-2.6.1p2-7.el6.x86_64.rpm

amanda-2.6.1p2-7.el6.x86_64.rpm: rsa sha1 (MD5) PGP MD5 NOT OK

In most cases, you should install packages using the yum command (as described later). However, in cases
where you have an RPM package available on your local system and there are not any components missing
on the system the package needs to work, you can use rpm to install the package. For example:

# rpm -ihv amanda-2.6.1p2-7.el6.x86_64.rpm

Preparing... ########################################### [100%]
1:amanda ########################################### [100%]

When you install an RPM package, the rpm command:

• Places the files the package contains into the proper locations in the file system.
• Stores the package's metadata in the local RPM database.
• In some cases, runs scripts to further configure the package.
Understanding RPM Packages | Chris Negus 4
After the package is installed, you can query information about the package from the local RPM database,
instead of from the package itself. To do this, you can drop the -p option from the query commands shown
earlier and use the package's basename. Here are some examples:
# rpm -qi amanda Query local RPM db for amanda information
# rpm -ql amanda Query local RPM db for all amanda files
# rpm -qc amanda Query local RPM db for amanda config files
# rpm -qd amanda Query local RPM db for amanda doc files
# rpm -q --changelog amanda Query local RPM db for amanda changes

If you are done with the amanda package, you can remove it using the rpm -e command:

# rpm -e amanda

To learn more about RPM Package Management and the rpm command, refer to Appendix B of the Red Hat
Enterprise Linux Deployment Guide:

https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html-
single/Deployment_Guide/index.html#ch-RPM

While the rpm command is good for learning about RPM packages, the yum command (and related tools) is
usually the better command for installing packages.

USING THE YUM COMMAND

The YUM facility was created because there were some things that the rpm command alone didn't do very
well. In particular, although each RPM package stored a list of components it depended on, there was no
way for the rpm command to satisfy those dependencies automatically. You had to hunt down each
dependent package yourself and make sure you had them all available in a local directory before you could
install the package you wanted. YUM changed that by:
• Making package dependencies the responsibilities of the software packagers. When Red Hat or
another RPM-based Linux distribution created a set of RPM packages, they would store those
packages in a software repository that was accessible on the network. The developers would make
sure that all packages needed by other packages in the repository were in that repository as well.
When someone used the yum command to ask to install a package, yum would download that
package from the repository, along with any dependent packages needed to make the requested
package work. Then all the necessary packages could be installed together.
• Making package upgrades easier. As new versions of a package are available, developers can
place them in the YUM repository. PackageKit or other software services on your Red Hat Enterprise
Linux system can be configured to check to see if new versions of packages you have installed are
available.
When you register your system with Red Hat Network, YUM repositories associated with the base Red Hat
Enterprise Linux system are enabled, along those associated with any additional software channels you
have added. Once that is done, you simply use the yum command to add packages, remove packages, or
query the repositories in various ways.
As an example of using the yum command, try installing the amanda-client package, as shown in the
following example:

Understanding RPM Packages | Chris Negus 5

# yum install amanda-client
Updating certificate-based repositories.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package amanda-client.x86_64 0:2.6.1p2-7.el6 will be installed
--> Processing Dependency: amanda = 2.6.1p2-7.el6 for package: amanda-client-
2.6.1p2-7.el6.x86_64
--> Processing Dependency: perl(Amanda::Util) for package: amanda-client
2.6.1p2-7.el6.x86_64
...
--> Running transaction check
---> Package amanda.x86_64 0:2.6.1p2-7.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
amanda-client x86_64 2.6.1p2-7.el6 rhel-x86_64-server-6 203 k
Installing for dependencies:
amanda x86_64 2.6.1p2-7.el6 rhel-x86_64-server-6 546 k

Transaction Summary
==============================================================================
Install 2 Package(s)
Total download size: 749 k
Installed size: 0
Is this ok [y/N]: y

The yum install amanda-client command causes the yum command to search the YUM repository
(provided by Red Hat Network) to download and install the amanda-client package. Because amanda-client
requires components from the amanda package, that package is shown as required as well. Type y when
prompted and both software packages are downloaded and installed.
Here are some other yum command lines that might be useful to you:

# yum info amanda-client View information about a package

# yum repolist See a list of all enabled YUM repositories
# yum list available List packages available from all repositories
# yum list installed List all installed packages
# yum check-update Check for available updated packages
# yum update Update all packages with available updates
# yum clean all Clean out all cached yum data

There are other yum options available as well. See the yum man page (type man yum) for more information.
To learn other features of YUM, refer to Chapter 5 of the Red Hat Enterprise Linux Deployment Guide:

https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html-
single/Deployment_Guide/index.html#ch-yum

Understanding RPM Packages | Chris Negus 6

How to compress and extract files using the
tar Command on Linux
Key Takeaways

 The tar command on Linux is used to create and extract TAR archive files.
 Run "tar -czvf (archive name).tar.gz (pathtofile)” in the Terminal to compress a file or
folder. To extract an archive to the current folder, run the command “tar -xzvf
(archive file)".
 You can compress multiple directories or files at once by providing a list of files or
directories, and you can exclude certain files or directories using the --exclude switch.

The tar command on Linux is often used to create .tar.gz or .tgz archive files, also called
"tarballs." This command has a large number of options, but you just need to remember a few
letters to quickly create archives with tar. The tar command can extract the resulting archives,
too.

The GNU tar command included with Linux distributions has integrated compression. It can
create a .tar archive and then compress it with gzip or bzip2 compression in a single
command. That's why the resulting file is a .tar.gz file or .tar.bz2 file.

Compress an Entire Directory or a Single File

Use the following command to compress an entire directory or a single file on Linux. It'll also
compress every other directory inside a directory you specify — in other words, it works
recursively.

tar -czvf name-of-archive.tar.gz /path/to/directory-or-file

Here's what those switches actually mean:

 -c: Create an archive.

 -z: Compress the archive with gzip.
 -v: Display progress in the terminal while creating the archive, also known as
"verbose" mode. The v is always optional in these commands, but it's helpful.
 -f: Allows you to specify the filename of the archive.

Let's say you have a directory named "stuff" in the current directory and you want to save it
to a file named archive.tar.gz. You'd run the following command:

tar -czvf archive.tar.gz stuff

Or, let's say there's a directory at /usr/local/something on the current system and you want to
compress it to a file named archive.tar.gz. You'd run the following command:

tar -czvf archive.tar.gz /usr/local/something

Compress Multiple Directories or Files at Once
While tar is frequently used to compress a single directory, you could also use it to compress
multiple directories, multiple individual files, or both. Just provide a list of files or directories
instead of a single one. For example, let's say you want to compress the
/home/ubuntu/Downloads directory, the /usr/local/stuff directory, and the
/home/ubuntu/Documents/notes.txt file. You'd just run the following command:

tar -czvf archive.tar.gz /home/ubuntu/Downloads /usr/local/stuff

/home/ubuntu/Documents/notes.txt

Just list as many directories or files as you want to back up.

Exclude Directories and Files

In some cases, you may wish to compress an entire directory, but not include certain files and
directories. You can do so by appending an --exclude switch for each directory or file you
want to exclude.

For example, let's say you want to compress /home/ubuntu, but you don't want to compress
the /home/ubuntu/Downloads and /home/ubuntu/.cache directories. Here's how you'd do it:

tar -czvf archive.tar.gz /home/ubuntu --exclude=/home/ubuntu/Downloads --

exclude=/home/ubuntu/.cache

The --exclude switch is very powerful. It doesn't take names of directories and files — it
actually accepts patterns. There's a lot more you can do with it. For example, you could
archive an entire directory and exclude all .mp4 files with the following command:

tar -czvf archive.tar.gz /home/ubuntu --exclude=*.mp4

Use bzip2 Compression Instead

While gzip compression is most frequently used to create .tar.gz or .tgz files, tar also supports
bzip2 compression. This allows you to create bzip2-compressed files, often named .tar.bz2,
.tar.bz, or .tbz files. To do so, just replace the -z for gzip in the commands here with a -j for
bzip2.

Gzip is faster, but it generally compresses a bit less, so you get a somewhat larger file. Bzip2
is slower, but it compresses a bit more, so you get a somewhat smaller file. Gzip is also more
common, with some stripped-down Linux systems including gzip support by default, but not
bzip2 support. In general, though, gzip and bzip2 are practically the same thing, and both will
work similarly.

For example, instead of the first example we provided for compressing the stuff directory,
you'd run the following command:

tar -cjvf archive.tar.bz2 stuff

Extract a Tar File
Once you have an archive, you can extract it with the tar command. The following command
will extract the contents of archive.tar.gz to the current directory.

tar -xzvf archive.tar.gz

It's the same as the archive creation command we used above, except the -x switch replaces
the -c switch. This specifies you want to extract an archive instead of create one.

You may want to extract the contents of the archive to a specific directory. You can do so by
appending the -C switch to the end of the command. For example, the following command
will extract the contents of the archive.tar.gz file to the /tmp directory.

tar -xzvf archive.tar.gz -C /tmp

If the file is a bzip2-compressed file, replace the "z" in the above commands with a "j".
This is the simplest possible usage of the tar command. The command includes a large
number of additional options, so we can't possibly list them all here. For more information.
run the info tar command at the shell to view the tar command's detailed information page.
Press the q key to quit the information page when you're done. You can also read tar's manual
online.
How to Add and Delete Users on Debian
Adding and deleting users is one of the most basic tasks when starting from a fresh Debian
server.

Adding user can be quite useful. As your host grows, you want to add new users, assign them
special permissions, like sudo rights for example.

In this tutorial, we are going all the ways to add and delete users on Debian hosts.

Table of Contents

 Prerequisites
 Adding a user using adduser
 Adding a user using useradd
 Add a user using the GNOME desktop
 Check that your user was added
 Deleting a user using deluser
 Deleting a sudo user with visudo
 Deleting a user using the GNOME Desktop
 Troubleshooting
 adduser : command not found on Debian

Prerequisites
In order to add and delete users on Debian, you need to have sudo rights, or to belong to the
sudo group.

To check your sudo rights, run the following command

$ sudo -v

If no error messages appear, you are good to go, otherwise ask your system administrator to
provide you with sudo rights.

Adding a user using adduser

The first way to add users on Debian is to use the adduser command.

The adduser command is very similar to the useradd command. However, it provides a more
interactive way to add users on a Debian host.

Generally, it is preferred to use adduser rather than useradd (as recommended by the useradd
man page itself)

To add a user, run this command

$ sudo adduser ricky

Adding user 'ricky'

Adding new group 'ricky' (1007)
Adding new user 'ricky' (1005) with group 'ricky'
Creating home directory '/home/ricky'
Copying files from '/etc/skel'

You will be asked to choose a password for the user

New password: <type your password>

Retype new password: <retype your password>
Changing the user information for ricky

Then you will be asked to specify some specific information about your new user.

You can leave some values blank if you want by pressing Enter.

Enter the new value, or press ENTER for the default

Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:

Finally, you will be asked if the information provided is correct. Simply press “Y” to add
your new user.

Is the information correct? [Y/n] Y

Now that your user was created, you can add it to the sudo group.

Adding a user using useradd

$ sudo useradd <username>

To assign a password to the user, you can use the -p flag but it is not recommended as other
users will be able to see the password.

To assign a password to a user, use the passwd command.

$ sudo passwd <username>

New password:
Retype new password:
passwd: password updated successfully

Add a user using the GNOME desktop

If you installed Debian with GNOME, you can also create a user directly from the desktop
environment.

In the Applications search bar, search for “Settings”.

In the Settings window, find the “Details” option.

Click on “Details”, then click on “Users”.
On the top right corner of the window, click on “Unlock”.

Enter your password, and a “Add User” option should now appear in the panel.

In the next window, choose what type of account you want for the user (either with sudo
rights or not).

Fill the full name field, as well as the username field.

You can choose to assign a password now or you can let the user decide on its password on
its next logon.

When you are done, simply click on “Add”.

Congratulations, your account was successfully created.
Check that your user was added
In order to check that your user was created on Linux, run the following command.

$ cat /etc/passwd | grep <user>

<user>:x:1005:1007:User,,,:/home/user:/bin/bash

If there are no entries for the user you just created, make sure to use the adduser command
again.

Deleting a user using deluser

In order to delete a user on Debian, you have to use the deluser command.

$ sudo deluser <username>

To remove a user with its home directory, run the deluser command with the –remove-home
parameter.

$ sudo deluser --remove-home <username>

Looking for files to backup/remove

Removing user 'user'
Warning: group 'user' has no more members.
Done.

To delete all the files associated with a user, use the –remove-all-files parameter.

$ sudo deluser --remove-all-files <username>

Deleting a sudo user with visudo
If you removed a sudo user on Debian, it is very likely that there is a remaining entry in your
sudoers file.

To delete a user from the sudoers file, run visudo.

$ sudo visudo

Find the line corresponding to the user you just deleted, and remove this line.

<username> ALL=(ALL:ALL) ALL

Save your file, and your user should not belong to the sudo group anymore.

Deleting a user using the GNOME Desktop

From the users panel we used to create a user before, find the “Remove user” option at the
bottom of the window.
Note : you need to unlock the panel to perform this operation.

When clicking on “Remove User”, you are asked if you want to keep the files owned by this
user. In this case, I will choose to remove the files.

Troubleshooting
In some cases, you may have some error messages when trying to execute some of the
commands above.

adduser : command not found on Debian

By default, the “adduser” command is located in the “/usr/sbin” folder of your system.

$ ls -l /usr/sbin/ | grep adduser

-rwxr-xr-x 1 root root 37322 Dec 5 2017 adduser

To solve this issue, you need to add “/usr/sbin” to your $PATH.

Edit your .bashrc file and add the following line

$ sudo nano ~/.bashrc

export PATH="$PATH:/usr/sbin/"

Source your bashrc file and try to run the adduser command again.

$ source ~/.bashrc

$ sudo adduser john

Adding user `john' ...
Adding new group `john' (1001) ...
Adding new user `john' (1001) with group `john' ...
Creating home directory `/home/john' ...
Copying files from `/etc/skel' ...

You solved the “adduser : command not found” problem on Debian.

How To Add a User to Sudoers On Debian

In today’s tutorial, we are going to see how you can add a user to sudoers on Debian
distributions.

The sudo command allows authorized users to perform commands as another user, which is
by default the root user.

There are two ways to add a user to sudoers : you can add this user to the sudo group or you
can add this user to the sudoers file located at etc.

Here are the details of the two methods.

Table of Contents

 I – Adding an existing user to the sudo group

 II – Adding an existing user to the sudoers file
 III – Adding a group to the sudoers file
 IV – Most Common Errors

I – Adding an existing user to the sudo group

As a prerequisites, make sure that the sudo command is available by default. If it’s not the
case, you can install it by running (with an account with admin rights)

$ apt-get update
$ apt-get install sudo

The first method is to add the user to the sudo group.

To do that, you are going to use the “usermod” command with the capital G flag (for groups)

$ sudo usermod -a -G sudo user

You can also use the gpasswd command to grand sudo rights.

$ sudo gpasswd -a bob sudo

Adding user to the group sudo

Make sure that the user belongs to the sudo group with the groups command.

$ su - user
(password for user)

$ groups
user sudo

You should now be able to perform a sudo request on Debian.

Depending on the configuration you chose during your Debian installation process, you may
or may not have access to a root account. If you chose a password for your root account, you
will be able to connect to it. Otherwise, the default admin account is the one you created
during the installation process.

II – Adding an existing user to the sudoers file

The sudoers file is located at /etc/sudoers.

This file contains a set of rules that are applied to determine who has sudo rights on a system,
which commands they can execute with sudo privileges, and if they should be prompted a
password or not.

However, you should never modify the sudoers file with a text editor.

Saving a bad sudoers may leave you with the impossibility of getting sudo rights ever again.

Instead, you are going to use visudo, a tool designed to make sure you don’t do any mistakes.

$ sudo visudo

This is what you should see.

At the end of the file, add a new line for the user.

john ALL=(ALL:ALL) ALL

By default, the account password will be asked every five minutes to perform sudo
operations.
However, if you want to remove this password verification, you can set the NOPASSWD option.

john ALL=(ALL:ALL) NOPASSWD:ALL

If you want the password verification to be skipped for longer periods of time, you can
overwrite the timestamp_timeout (in minutes) parameter in your sudoers file.

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults env_reset
Defaults mail_badpass
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Defaults timestamp_timeout=30

III – Adding a group to the sudoers file

Via the visudo, you can add an entire group to the sudoers.

This might be handy if you have a group for system administrators for example. In this case,
you simply have to add a user to the system administrators group for him/her to be granted
sudo privileges.

To add a group to the sudoers file, simply add a percent symbol at the beginning of the file.

%sysadmins ALL=(ALL:ALL) NOPASSWD:ALL

Make sure that your user is part of the designed group with the groups command.

$ su - user
$ groups
user sysadmins

You can test your new sudo rights by changing your password for example

$ sudo passwd

IV – Most Common Errors

 user is not in the sudoers file. This incident will be reported.
This is the standard error message you get when a user does not belong to the sudo group on
Debian.

By adding this user to the sudoers file on Debian, this error message should not be raised
anymore.