User not in sudoers, but still can use sudo
I have a user user1 that is not in the sudoers file (nor belonging to groups in sudoer) but can still use sudo. How is it possible ?
user1~$ groups
user1 www-data
My sudoer conf
root ALL=(ALL) ALL
%sudo ALL=(ALL) ALL
#includedir /etc/sudoers.d
user1~$ sudo -l
User user1 may run the following commands on this host:
(ALL) ALL
As you can see, your sudoers file contains a line above which includes a number of other files from /etc/sudoers.d
. You may be thinking that the hash symbol in front is a comment, but from man sudoers
:
It is possible to include other sudoers files from within the sudoers file currently being parsed using the #include and #includedir directives.
You will need to show us the contents of all files in /etc/sudoers.d/
before we can comment on why user1 has sudo privileges.