Debian and CentOS Add User to sudo group and sudoers File

Debian and CentOS Add User to sudo group and sudoers File

As you know two types of users are available in Linux one is root user another is a normal user. The root user has administrator privileges and the normal user doesn’t. But normal user can work as root user if uses sudo command.

The sudo is a powerful command, that grant administrator or root privileges to a normal user. But every normal user can’t run sudo command, an only normal user having a membership of sudo group can perform this task.

In this article I will cover creating a new user and add user to sudo in CentOS, Debian and Ubuntu. And how to remove a user from sudo group. How to add user to sudoers file. well explained and step by step with examples.

Article Contents

Create a New User in Ubuntu

Step 1: Login to your Linux system / Server with root user.

First, You will add a new normal user with strong password. Later you can make it sudo user.

One of my another post, I have described about creating new users. Check out How to Create User in Linux by Adduser

root@Ubuntu-19:~#adduser nonu
Adding user `nonu' ...
Adding new group `nonu' (1001) ...
Adding new user `nonu' (1001) with group `nonu' ...
Creating home directory `/home/nonu' ...
Copying files from `/etc/skel' ...
New password: 
Retype new password: 
passwd: password updated successfully
Changing the user information for nonu
Enter the new value, or press ENTER for the default
	Full Name []: Divyansh
	Room Number []: 42
	Work Phone []: Not exist
	Home Phone []: Details
	Other []: no
Is the information correct? [Y/n] Y
root@Ubuntu-19:~#

Once you have created a new user. You should check first “Is it able to run sudo command or not?” Once you have confirmed, Please write in comment box what happend with your system

I am going to follow instruction to test new user.

First I used the following command to switch from root user to normal user (nonu)

root@Ubuntu-19:~#root@Ubuntu-19:~# su nonu
nonu@Ubuntu-19:/root$

You can see in the above example, I switched to nonu user. Now I run the following command to test sudo privileges.

nonu@Ubuntu-19:/root$sudo cat /etc/passwd
[sudo] password for nonu: 
nonu is not in the sudoers file.  This incident will be reported.
nonu@Ubuntu-19:/root$

In the result getting error to run sudo command. It means normal user can’t run sudo command.

Add Existing user to sudo group Method 1

First method is very easy, You just run the following command. and Normal user will be super user with in seconds.

#adduser username sudo

I am going to add user (nonu) to sudo user so I used nonu instead of username. See the following example:

root@Ubuntu-19:~#adduser nonu sudo
Adding user `nonu' to group `sudo' ...
Adding user nonu to group sudo
Done.
root@Ubuntu-19:~#

When I switched to nonu user account, and I got following message

To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.

See Result Below.

root@Ubuntu-19:~#su nonu
To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.
nonu@Ubuntu-19:/root$

Now again, I tested nonu user and Found it is working fine as sudo user.

nonu@Ubuntu-19:/root$sudo cat /etc/passwd
[sudo] password for nonu: 
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin

Method 2: Add Existing user to sudo group

Use the usermod command to add the user to the sudo group.

root@Ubuntu-19:~#usermod -aG sudo nonu
root@Ubuntu-19:~#

Add user to the sudoers file

You can configure the sudoers file to run sudo command. The sudoers file is located at /etc/sudoers. And you should not edit it directly, you need to use the visudo command. and enter the following line at end of file:

username ALL=(ALL) ALL # Change the user name before you issue the commands

Once you access root user and enter visudo command, to edit sudoers file. you will see something like this:

#visudo

Then perform WriteOut with Ctrl + O. The editor will ask you for the file name to write into. The default will be a temporary file that’s used by visudo to check for syntax errors before saving to the actual sudoers file. Press Enter to accept it. Quit the nano editor with Ctrl + X

How to remove a user from sudo

Have you granted administrator privilages to wrong user? or You don’t want to continue nonu user as sudo anymore. In this case you can remove user from sudo group.

I am going to complete this task by using following command.

root@Ubuntu-19:~#deluser nonu sudo
Removing user `nonu' from group `sudo' ...
Done.
root@Ubuntu-19:~#

Conclusion

You have learned how to create a user with sudo privileges. You can now log in to your Ubuntu server with this user account and use sudo to run administrative commands.

That’s all! Feel free to leave a comment if you have any questions.

Thanks for Reading

Have fun!

If Appreciate My Work, You should consider: