Today’s article may take a different format than most, as it’s just an article telling you to use visudo to edit the sudoers file. This type of article doesn’t lend itself to my normal formatting and should be considered akin to a Public Service Announcement.
So, let’s start with the basics:
What Is The sudoers File?
Very simply, the sudoers file is the file on your system that decides who has permission to use elevated permissions via sudo. The sudoers file is pretty important and it’s easy to make mistakes while editing it. Fortunately, there’s some protection you can use while editing the sudoers file.
If you’re curious, we normally recommend using sudo instead of using root because sudo only gives the command elevated permissions while root always has elevated permissions. Those folks reading my site are generally fairly new to Linux and, as such, I strongly suggest using sudo instead of just logging in as root. Sure, it’s more of a hassle, but it’ll help save you from yourself.
What is visudo?
The visudo command will open your sudoers file with your default text editor. In many cases that will be Vim, but Nano is starting to be the default for more distros. I prefer the latter.
The visudo command defines itself like so:
visudo — edit the sudoers file
Further, and helpfully, you’ll find this in the description:
visudo edits the sudoers file in a safe fashion, analogous to vipw(8). visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors before installing the edited file. If the sudoers file is currently being edited you will receive a message to try again later.
So, as you can see, using visudo will help protect you from mistakes.
NOTE: While visudo can save you from syntax mistakes, it will do nothing to prevent you from entering the wrong information. If you open a second terminal and pre-authenticate for sudo, and do so quickly enough, you can then use that second terminal to fix it (re-editing the sudoers file).
Use visudo To Edit The sudoers File:
The sudoers file is located at /etc/sudoers and is a plain text file. It’s just a configuration file, like so many other configuration files. But, as described above, it’s a very important file. It’s also possible to mount the drive with a live Linux instance to edit the file, but that’s not something I’d recommend. Besides, if you use visudo to edit the sudoers file that shouldn’t be a problem.
You don’t need to specify anything when you want to edit the sudoers file. You don’t have to specify the file’s location. The visudo command knows where your sudo file is (unless you’ve modified this, as you can make a second config file and edit that) all by itself. If you want to use visudo to edit the sudoers file, you simply need this command in your favorite terminal:
1 | sudo visudo |
The very first line of that file says this:
This file MUST be edited with the ‘visudo’ command as root.
I realize what it says, but in this case, you can replace ‘root’ with ‘sudo’ which will elevate your permissions to those of root. So, we’re sort of still using root to edit the file, but we’re technically just using sudo.
Closure:
There is my PSA about using visudo to edit that sudoers file. You must do so, especially if you’re new. You might be able to avoid a syntax error, but there’s no reason to not use visudo which will check for that sort of stuff.
I suppose the name comes from a time when Vi was still popular and it’s not a complete solution. You can still enter garbage and get garbage results. If you’re unprepared for the potential consequences, you might want to avoid editing the sudoers file until you’ve gained some confidence and have more familiarity with the tools Linux provides.
Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.
