🎁 New User? Get 20% off your first purchase with code NEWUSER20 Register Now →
Menu

Categories

Home » Learn » Linux Commands » visudo

visudo Command

Intermediate User Management man(1)

Safely edit the sudoers file

👁 10 views 📅 Updated: Mar 15, 2026
SYNTAX
visudo [OPTION]...

What Does visudo Do?

visudo safely edits the /etc/sudoers file. It locks the file against simultaneous edits, validates syntax before saving, and prevents saving a broken sudoers file that could lock everyone out of sudo.

Never edit /etc/sudoers directly with a regular text editor — a syntax error can prevent all sudo access. visudo validates the file and rejects invalid configurations.

visudo opens the sudoers file in the default editor (set by EDITOR or VISUAL environment variables). Common editors: nano, vim, or vi.

Options & Flags

OptionDescriptionExample
-c Check syntax only (do not edit) sudo visudo -c
-f Edit a specific sudoers file sudo visudo -f /etc/sudoers.d/custom
-s Strict mode (more rigorous checking) sudo visudo -s

Practical Examples

#1 Edit sudoers

Opens /etc/sudoers for safe editing with syntax validation.
$ sudo visudo

#2 Check syntax

Validates the sudoers file without opening for editing.
$ sudo visudo -c
Output: /etc/sudoers: parsed OK

#3 Edit custom sudoers file

Edits a drop-in sudoers file with syntax checking.
$ sudo visudo -f /etc/sudoers.d/developers

#4 Grant sudo to user

Grants full sudo access to user jdoe.
$ # Add this line in visudo:\njdoe ALL=(ALL:ALL) ALL

#5 Allow specific command

Allows deployer to restart nginx without password.
$ # Add this line:\ndeployer ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart nginx

#6 Use /etc/sudoers.d/

Creates a drop-in file and validates syntax.
$ echo 'jdoe ALL=(ALL) NOPASSWD: ALL' | sudo tee /etc/sudoers.d/jdoe && sudo visudo -c

Tips & Best Practices

Never use nano/vim directly: Always use visudo to edit sudoers. A syntax error in sudoers can permanently lock out sudo access.
Use /etc/sudoers.d/ directory: Create files in /etc/sudoers.d/ instead of editing /etc/sudoers directly. Easier to manage and less risky.
Change editor: Set your editor: export EDITOR=nano, then visudo uses nano instead of vim.

Frequently Asked Questions

How do I give a user sudo access?
Run sudo visudo and add: username ALL=(ALL:ALL) ALL. Or easier: sudo usermod -aG sudo username.
How do I allow sudo without password?
Add in visudo: username ALL=(ALL) NOPASSWD: ALL. For specific commands: username ALL=(ALL) NOPASSWD: /path/to/command.
Why should I use visudo instead of editing directly?
visudo validates syntax before saving. A syntax error in /etc/sudoers can lock all users out of sudo.

Related Commands

chown

Change file owner and group

 passwd

Change user password

 su

Switch user or become superuser

 sudo

Execute a command as another user (typically root)

 usermod

Modify a user account

More User Management Commands

adduser

Add a user to the system (interactive, Debian-based)

 chage

Change user password expiry information

 groupadd

Create a new group

 groups

Print group memberships for a user

 id

Print user and group IDs

 last

Show listing of last logged in users

 passwd

Change user password

 su

Switch user or become superuser

 sudo

Execute a command as another user (typically root)

 useradd

Create a new user account

 userdel

Delete a user account

 usermod

Modify a user account
usermod Command 📋 All Commands vmstat Command →

Master Linux with Professional eBooks

Curated IT eBooks covering Linux, DevOps, Cloud, and more

Browse Books →