How can I use docker without sudo?

Question

EdiD

Asked: 2016-09-24 09:26:15 +0800 CST2016-09-24 09:26:15 +0800 CST 2016-09-24 09:26:15 +0800 CST

Sudo user not in sudo group?

772

When adding user like this :

sudo adduser someuser --ingroup sudo

Added user can use sudo but he is not in /etc/group sudo nor in /etc/sudoers
So how does it work ?

2 Answers

Voted

heemayl · Answer 1 · 2016-09-24T09:55:56+08:00

heemayl

2016-09-24T09:55:56+08:002016-09-24T09:55:56+08:00

The --ingroup option of adduser changes/adds the Primary group of the added user, and the primary group of a user is stored in the /etc/passwd file, in the : separated fourth field, as numeric GID.

So sudo is reading the /etc/passwd file, and finding that the user someuser has the primary group sudo, so the sudo commands are working perfectly.

Now, /etc/group's sudo group entry still would not show the membership, because /etc/group only stores the secondary group membership, not primary.

2

Byte Commander · Answer 2 · 2016-09-24T10:08:01+08:00

Your adduser command sets the user's primary group to sudo.

From man adduser:

   By  default,  each  user  in  Debian GNU/Linux is given a corresponding
   group with the same name.       [ ... ]                  Users' primary
   groups  can  also be overridden from the command line with the --gid or
   --ingroup options to set the group by id or name, respectively. 

   [ ... ]  

   --ingroup GROUP
          Add the new user to GROUP instead of a usergroup or the  default
          group  defined  by  USERS_GID  in  the configuration file.  This
          affects the users primary group.  To add additional groups,  see
          the add_extra_groups option

The primary group normally has the same name and ID as the user. It is not stored in /etc/group but in /etc/passwd, like this:

bytecommander:x:1000:1000:ByteCommander,,,:/home/bytecommander:/bin/bash

The 4th :-separated field contains the GID (group ID) of the user's primary group.

Now /etc/group contains a list of all groups and associates users that have this group as additional (not primary) group, like this:

sudo:x:27:bytecommander

The distinction between primary and additional groups is also visible in the output of the id command (formatting by me):

$ id
uid=1000(bytecommander) 
gid=1000(bytecommander) 
groups=1000(bytecommander),27(sudo)

What is important for the use of sudo is only membership in the sudo group, it does not distinguish primary and secondary membership. The responsible configuration line can be found in /etc/sudoers and looks like this:

%sudo   ALL=(ALL:ALL) ALL

This line grants all members of the sudo group automatically full permissions to run any command as any user, without having to specify each user manually.

Sudo user not in sudo group?

How to install Google Chrome

Is there a command to list all users? Also to add, delete, modify users, in the terminal?

How to delete a non-empty directory in Terminal?

How to unzip a zip file from the Terminal?

How can I copy the contents of a folder to another folder in a different directory using terminal?

How do I install a .deb file via the command line?

How do I run .sh scripts?

How do I install a .tar.gz (or .tar.bz2) file?

How to list all installed packages

Unable to lock the administration directory (/var/lib/dpkg/) is another process using it?