Every time I execute a command with sudo, a file called .sudo_as_admin_successful is created in my home directory. As far as I can tell, this exists for the sole purpose of disabling this message that bash prints on startup:

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

It's possible to stop that message by commenting out the relevant section in /etc/bash.bashrc, but sudo still creates an annoying file in my home directory.

This webpage suggests that you can stop the file being created by removing yourself from the admin group, but I'm not in any such group, and admin isn't in /etc/group.

Is there a way to stop this file being created?

I believe this is not a duplicate of this question, as that was asking if it was possible to make the notice printed by bash go away, rather than if it's possible to stop the file being created by sudo.

  • 44
    @edwinksl It's visual clutter when I'm trying to find something else. I shouldn't have to be aware of its existence, given that I'll never modify it.
    – ash
    Commented Aug 18, 2016 at 19:59
  • 6
    and that is why there is a . at the front. Why are you including hidden files in your views?
    – Rinzwind
    Commented Aug 18, 2016 at 20:48
  • 53
    At least this file should put itself in .config or .local. It's not infrequent that we need to browse hidden files, especially in the home directory. Isn't that why .config / .local were invented, because the ridiculous overload of the home directory, of which this file is possibly the most gratuitous example?
    – NeilG
    Commented Nov 14, 2018 at 10:14
  • 8
    Not to start a distro war (this is asked on askubuntu.com), but I double-checked: this is actually something that Ubuntu added which is not present in the upstream Debian distribution. It's likely added to be "user friendly" but I, like the OP, find the presence of random files like this annoying. Commented Jul 17, 2019 at 6:28
  • 3
    I doubt any ubuntu dev is going to look here but I just need to say that I find the creation of this file to be a lessening of security. It's permissions are 644 by default which means any user on the system can by default see who has sudo permissions. That said I see now that by default /etc/group is also world readable. But one file is easier to restrict access to than a, potentially recreated, file in every admin's home directory. Commented Jan 26, 2021 at 15:00

3 Answers 3


Based on the following section of the plugins/sudoers/sudoers.c source code file, it doesn't look like it's possible without recompiling sudo, undefining the USE_ADMIN_FLAG pre-processor macro.

Also, note that it's checking for group membership of both admin and sudo. I haven't checked the changelog, but I suspect the latter check was added when sudo became the default group for privileged users - perhaps the filename still refers to admin for compatibility.

1229 #ifdef USE_ADMIN_FLAG
1230 static int
1231 create_admin_success_flag(void)
1232 {
1233     struct stat statbuf;
1234     char flagfile[PATH_MAX];
1235     int len, fd = -1;
1236     debug_decl(create_admin_success_flag, SUDOERS_DEBUG_PLUGIN)
1238     /* Check whether the user is in the admin group. */
1239     if (!user_in_group(sudo_user.pw, "admin") &&
1240         !user_in_group(sudo_user.pw, "sudo"))
1241         debug_return_int(true);
1243     /* Build path to flag file. */
1244     len = snprintf(flagfile, sizeof(flagfile), "%s/.sudo_as_admin_successful",
1245         user_dir);
1246     if (len <= 0 || (size_t)len >= sizeof(flagfile))
1247         debug_return_int(false);
1249     /* Create admin flag file if it doesn't already exist. */
1250     if (set_perms(PERM_USER)) {
1251         if (stat(flagfile, &statbuf) != 0) {
1252             fd = open(flagfile, O_CREAT|O_WRONLY|O_EXCL, 0644);
1253             if (fd != -1)
1254                 close(fd);
1255         }
1256         if (!restore_perms())
1257             debug_return_int(-1);
1258     }
1259     debug_return_int(fd != -1);
1260 }
1261 #else /* !USE_ADMIN_FLAG */
1262 static int
1263 create_admin_success_flag(void)
1264 {
1265     /* STUB */
1266     return true;
1267 }
1268 #endif /* USE_ADMIN_FLAG */
  • 6
    According to github.com/sudo-project/sudo/issues/56 in newer versions of sudo the path can be changed or feature disabled in sudoers file. Worth updating the answer to include that
    – qwr
    Commented Feb 18, 2022 at 6:05

It looks like this issue is being dealt with right now: https://github.com/sudo-project/sudo/issues/56

From a sudo-project collaborator:

In sudo 1.9.6 the path can be changed or the feature disabled by using the admin_flag setting in the sudoers file.

That message comes from the /etc/bash.bashrc file which looks for $HOME/.sudo_as_admin_successful and displays a message if it doesn't exist. If you tell sudo not to create the admin flag file (and it doesn't already exist) then you will always receive that message from bash unless you modify /etc/bash.bashrc.

  • 3
    Annoyingly, this doesn't fix the issue on Ubuntu. Ubuntu doesn't use the latest version of sudo (which does fix this issue), but a modified old version where the issue is still present. Unless you want to do a custom installation of sudo, we'll have to wait for a future Ubuntu version where a newer sudo version is used.
    – Levi_OP
    Commented Mar 22, 2022 at 0:45
  • @Levi_OP: ... as with any other infrastructure software in a non-rolling distro like Ubuntu. Your statement is not exclusive to sudo
    – MestreLion
    Commented May 12, 2022 at 8:40
  • 2
    @MestreLion I was just explaining this to anyone who might think "it's being fixed" means they can have it fixed ... wasn't claiming this was exclusive to sudo.
    – Levi_OP
    Commented May 12, 2022 at 14:30

One could create a different group for accounts other than admin or sudo. For example, one could use the classic administrative group name of wheel. Does the group already exist?

getent group wheel

If not, create the group as a system group. (A system group is a group that has a GID within a range specified in /etc/login.defs.)

 sudo groupadd -r wheel

When the group exists, group your account with the wheel group.

sudo usermod -aG wheel your_username

Then modify the file /etc/sudoers with the program, visudo.


Add a line for the members of the wheel group.

%wheel ALL=(ALL:ALL) ALL

Save the file. Log out. Log back in so that your account is now in the wheel group. Make sure that your account is in the wheel group.


If your account is indeed in the wheel group, remove your account from the sudo or admin group - whichever applies to your system.

gpasswd --delete your_username sudo


gpasswd --delete your_username admin

Log out. Log back in so that your account is no longer a member of the sudo or admin group. Remove the file, .sudo_as_admin_successful.

rm ~/.sudo_as_admin_successful

Try another command with sudo and note that the file no longer appears.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .