sudo's and sudon'ts: /etc/sudoers

Who is and isn't allowed to sudo, as who, and to do what, are controlled by the contents of the file /etc/sudoers:
jrs@locutus:~$ sudo cat /etc/sudoers root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # Allow members of group www-data to restart Apache # without entering a password %www-data ALL=NOPASSWD: /etc/init.d/apache2 #includedir /etc/sudoers.d
Never edit /etc/sudoers directly – always use visudo!

Who is and isn't allowed to sudo, as who, and to do what, are controlled by the contents of the file /etc/sudoers: