This blog post describes how you can enable sudo for any user on the Raspberry Pi OS, Raspbian.
Why sudo is important
Sudo is a command that lets you run a command as the “Super User”. The super user’s username is typically root on Linux machines. Instead of logging in as the root user and running your commands it is recommended to use sudo.
There are a number of reasons for this and the primary one is security. Running as root will let you change/delete any files on the filesystem. There are a lot of files you will not want to edit or remove as doing so would cause issues for the computer. This could be you purposely (and wrongly) modifying files or a program you run accidentally changing them.
In addition to accidental issues, there are also malicious programs to consider. If you run everything as root then anything you run also has these rights. If you accidentally run a malicious script then it will have rights to do anything on your computer unhindered.
Since there will always be times you will want to run something with superuser rights sudo can help. Sudo allows you to run a single or multiple commands as the superuser. Once you have finished running your command with sudo it will return to running as your user.
This means that any commands you need to run as the superuser, you can prefix with
sudo but otherwise you run as your user. This gives both an appropriate level of security and flexibility with running your computer.
Adding sudo to a user
pi user on Raspbian OS will have been given sudo access. However if you create a new Linux user on Raspbian you may want to give it sudo access.
To allow a user to run sudo on Raspbian OS you can add them to the group
sudo group. This can be achieved running the following command.
usermod -aG sudo chewett
This command requires running as root so you will either need to log in as root or use the pi user. This user is configured by default to have the sudo privilege. You will need to replace
chewett with the user you want to add sudo privileges to.
Once this has been given to the user you will need to reload the group permissions. This can be done by logging out and back in again.