Q&A: Not a sudoer

Q I keep separate admin and regular user accounts on my MacBook Pro. Whenever I try to sudo in Terminal from the regular user account, I see a message complaining that this user is not in the sudoers file. Should I add that user account to the sudoers file, and if so, how?

A sudo, the shell command that executes commands as the ‘superuser’ root, is governed by a special configuration file that sits at /private/etc/sudoers.

By default, non-admin users can execute very few commands under the authority of sudo, and to get full benefit from it, you need to be logged in as an admin user. This is a good security measure, and you should think long and hard before you give a non-admin account such power.

You can read more about this by typing man sudo into Terminal, where you will also see that you need to take special measures to edit the sudoers file. Log in as the admin user, open Terminal, su root there, then type visudo to edit sudoers using standard vim commands. Further details are at man visudo and man sudoers.

Updated from the original, which was first published in MacUser volume 26 issue 20, 2010.