As you know two types of users are available in Linux one is root user another is a normal user. The root user has administrator privileges and the normal user doesn’t. But normal user can work as root user if uses sudo command.
The sudo is a powerful command, that grant administrator or root privileges to a normal user. But every normal user can’t run sudo command, only normal user having a membership of sudo group can perform this task.
In this article I will cover creating a new user and add user to sudo in CentOS, Debian and Ubuntu. And how to remove a user from sudo group. How to add user to sudoers file. well explained and step by step with examples.
- Create a new user
- Add Existing user to sudo group Method 1
- Add Existing user to sudo group Method 2
- Add user to the sudoers file
- How to remove a user from sudo
Create a New User in Ubuntu
Step 1: Login to your Linux system / Server with root user.
First, You will add a new normal user with strong password. Later you can make it sudo user.
One of my another post, I have described about creating new users. Check out How to Create User in Linux by Adduser
root@Ubuntu-19:~#adduser nonu Adding user `nonu' ... Adding new group `nonu' (1001) ... Adding new user `nonu' (1001) with group `nonu' ... Creating home directory `/home/nonu' ... Copying files from `/etc/skel' ... New password: Retype new password: passwd: password updated successfully Changing the user information for nonu Enter the new value, or press ENTER for the default Full Name : Divyansh Room Number : 42 Work Phone : Not exist Home Phone : Details Other : no Is the information correct? [Y/n] Y root@Ubuntu-19:~#
Once you have created a new user. You should check first “Is it able to run sudo command or not?” Once you have confirmed, please write in the comment box what happened with your system
I am going to follow instruction to test new user.
First I used the following command to switch from root user to normal user (nonu)
root@Ubuntu-19:~#root@Ubuntu-19:~# su nonu nonu@Ubuntu-19:/root$
You can see in the above example, I switched to nonu user. Now I run the following command to test sudo privileges.
nonu@Ubuntu-19:/root$sudo cat /etc/passwd [sudo] password for nonu: nonu is not in the sudoers file. This incident will be reported. nonu@Ubuntu-19:/root$
In the result getting error to run sudo command. It means normal user can’t run sudo command.
Add Existing user to sudo group Method 1
The first method is very easy, you just run the following command. and Normal user will be super user within seconds.
#adduser username sudo
I am going to add user (nonu) to sudo user so I used nonu instead of the username. See the following example:
root@Ubuntu-19:~#adduser nonu sudo Adding user `nonu' to group `sudo' ... Adding user nonu to group sudo Done. root@Ubuntu-19:~#
When I switched to nonu user account, and I got the following message
To run a command as administrator (user "root"), use "sudo ". See "man sudo_root" for details.
See Result Below.
root@Ubuntu-19:~#su nonu To run a command as administrator (user "root"), use "sudo
". See "man sudo_root" for details.nonu@Ubuntu-19:/root$
Now again, I tested nonu user and Found it is working fine as sudo user.
nonu@Ubuntu-19:/root$sudo cat /etc/passwd [sudo] password for nonu: root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
Method 2: Add Existing user to sudo group
Use the usermod command to add the user to the sudo group.
root@Ubuntu-19:~#usermod -aG sudo nonu root@Ubuntu-19:~#
Add user to the sudoers file
You can configure the sudoers file to run sudo command. The sudoers file is located at /etc/sudoers. And you should not edit it directly, you need to use the visudo command. and enter the following line at end of the file:
username ALL=(ALL) ALL # Change the user name before you issue the commands
Once you access root user and enter visudo command, to edit sudoers file. you will see something like this:
Then perform WriteOut with Ctrl + O. The editor will ask you for the file name to write into. The default will be a temporary file that’s used by visudo to check for syntax errors before saving to the actual sudoers file. Press Enter to accept it. Quit the nano editor with Ctrl + X
How to remove a user from sudo
Have you granted administrator privileges to wrong user? or You don’t want to continue nonu user as sudo anymore. In this case, you can remove the user from sudo group.
I am going to complete this task by using the following command.
root@Ubuntu-19:~#deluser nonu sudo Removing user `nonu' from group `sudo' ... Done. root@Ubuntu-19:~#
You have learned how to create a user with sudo privileges. You can now log in to your Ubuntu server with this user account and use sudo to run administrative commands.
That’s all! Feel free to leave a comment if you have any questions.
Thanks for Reading