"Sorry, user user1 is not allowed to execute '/bin/ls' as root on hostname"

I ran sudo ls as user1 and I got this message.

Sorry, user user1 is not allowed to execute '/bin/ls' as root on hostname.

And this is my user1 group info and sudoers file.

user1@hostname:$ id
uid=1000(user1) gid=1000(user1) groups=1000(user1),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),110(lpadmin),111(sambashare)

user1@hostname:$ cat /etc/sudoers
Defaults    env_reset
Defaults    mail_badpass
Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

I don’t know what changes I made before this problem occurred.
My system is Ubuntu 14.04.5 (DigitalOcean).

Asked By: PoundXI


I found the problem in the file /etc/sudoers.d/user1.

I had set user1 to execute only sudo bash command and forgotten about it.

Thanks muru for suggesting the sudo -l command.

user1   ALL=NOPASSWD: !ALL, /bin/bash
Answered By: PoundXI

Usually it is a problem with your additions to /etc/sudoers or /etc/sudoers.d
If you use a command outside of files in secure_path you need to add the path (for example, /my/special/path/bin

Answered By: Dan Anderson
Categories: Answers Tags: , , ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.