This assumes you are familiar with the /etc/sudoers file. 

In this example, john.doe attempts to issue the reboot command without sudo, and gets Permission denied. This is expected, as the reboot command requires elevated privileges.

[john.doe@server1 ~]# reboot
reboot: Permission denied

On a systemd system, the systemctl command is used to reboot the system, and only root has permission to execute the systemctl command.

[john.doe@server1 ~]# ls -l /bin/systemctl
-rwxr-xr-x. 1 root root 717568 Feb  4 10:30 /bin/systemctl

sudo is used to issue a command with elevated privileges. Let's say john.doe uses sudo to invoke the reboot command.

[john.doe@server1 ~]# sudo reboot

If john.doe has not been added to the /etc/sudoers file, the following will be displayed.

john.doe is not in the sudoers file. This incident will be reported.

If john.doe has been added to the /etc/sudoers file, but has not been granted permission to the command being issued, the following will be displayed.

john.doe is not allowed to run sudo on server1.  This incident will be reported.

John Doe can be granted permission to the reboot command (or any other command).

• Give a user permission to run certain commands
• Give a group permission to run certain commands

If John Doe is granted sudo permission with password, John will be prompted to provide his password, like this.

[john.doe@server1 ~]# sudo reboot
Password for john.doe: ******

If John Doe is granted sudo permission with the NOPASSWD option, John will not be prompted to provide his password and the system will reboot.

[john.doe@server1 ~]# sudo reboot