Creating a Sudo-Enabled User
By default, the root user is set up during the installation of Linux. This user has all the rights to administer the operating system. The other users initially do not have administrator privileges.
The sudo command allows authorized users to run programs with root privileges. This article explains how to create a sudo-enabled user.
Creating Users
CentOS 7, CentOS Stream 8, and CentOS Stream 9
Log in as the root user on the desired server.
To create a new user, enter the following command:
[root@localhost ~]# adduser USERNAME
Example:
[root@localhost ~]# adduser johnsmith
To set the password of the new user, enter the following command:
[root@localhost ~]# passwd USERNAME
Example:
[root@localhost ~]# passwd johnsmith
Enter the desired password and repeat it.
Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Debian 10, and Debian 11
Log in as the root user on the desired server.
To create a new user, enter the following command:
[root@localhost ~]# adduser USERNAME
Example:
[root@localhost ~]# adduser johnsmith
Enter the desired password and repeat it.
Optional: Enter additional user information. To skip entering this information, press Enter.
Changing the user information for maxmustermann
Enter the new value, or press ENTER for the default
Full Name [ ]:
Room Number [ ]:
Work Phone [ ]:
Home Phone [ ]:
Other [ ]:
Is the information correct? [Y/n]Type Y and press Enter.
Suse Linux
Log in as the root user on the desired server.
To create a new user, enter the following command:
localhost: ~ # useradd USERNAME
Example:
localhost: ~ # useradd jsmith
To set the password of the new user, enter the following command:
localhost: ~ # passwd USERNAME
Example:
localhost: ~ # passwd jsmith
Enter the desired password and repeat it.
Test Sudo and Install (If Necessary)
Test to see if sudo is installed. To do this, type the following command:
sudo ls -la /root
If you see the message bash: sudo: command not found, sudo is not installed.
If sudo is already installed, you can skip this step. To install sudo, enter the following command:
CentOS 7, CentOS Stream 8, and CentOS Stream 9yum install sudo -y
Debian and Ubuntu
apt install sudo
Suse Linux
zypper in sudo
Installing Vim
If the Vim editor is not installed, enter the following command(s) to install the program:
CentOS 7, CentOS Stream 8, and CentOS Stream 9.
sudo yum install vim
Ubuntu
sudo apt-get install vim
Suse Linux
sudo zypper search vim
sudo zypper install vim
Assigning Sudo Rights to a User
CentOS 7, CentOS Stream 8, and CentOS Stream 9
To assign sudo privileges to a user in CentOS 7, CentOS Stream 8, and CentOS Stream 9, you must add the user to the wheel group. To add the user to this group, enter the following command:
[root@localhost ~]# usermod -aG wheel USERNAME
Example:
[root@localhost ~]# usermod -aG wheel jsmith
To check if the change was successful, enter the following command:
localhost:~ # groups USERNAME
Example:
localhost:~ # groups jsmith
Debian and Ubuntu
To assign sudo privileges to a user in Debian and Ubuntu, you must add the user to the sudo group. To add the user to this group, enter the following command:
[root@localhost ~]# usermod -aG sudo USERNAME
Example:
[root@localhost ~]# usermod -aG sudo jsmith
To check if the change was successful, enter the following command :
localhost:~ # groups USERNAME
Example:
localhost:~ # groups jsmith
Suse Linux
To assign sudo privileges to a user in Suse Linux, do the following:
Locate the system-group-wheel and system-user-mail packages. To do this, enter the following command:
localhost:~ # zypper se wheel mail
To install the packages, enter the following commands:
localhost:~ # sudo zypper install system-group-wheel
localhost:~ # sudo zypper install system-user-mailOpen the /etc/sudoers file using the vim editor. Enter the following command:
localhost:~ # visudo
Make sure that the commenting has been removed in the following lines. If necessary, remove the # character at the beginning of the line:
# Defaults targetpw # ask for the password of the target user i.e. root
And also this line:
# ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
Note
The vim editor has an insert mode and a command mode. You can enter the insert mode by pressing the i key. In this mode, the entered characters are immediately inserted into the text. To enter the command mode, press the ESC key afterwards. When you use the command mode, your keyboard inputs are interpreted as a command.
Caution
If you only uncomment the line "Defaults targetpw" and leave the line ALL ALL=(ALL) ALL # WARNING! commented, all users will have access to the root level of the utilities by entering their own password.
Look for the User privilege specification entry.
To grant all members of the wheel group the privileges to execute all commands, you must remove the # character at the beginning of the following line to uncomment it:
# %wheel ALL=(ALL) ALL
To save the changes, press the escape key and then type the following command:
:wq
To assign sudo privileges to a user, you must add the user to the wheel group. To add the user to this group, type the following command:
localhost:~ # usermod -a -G wheel USERNAME
Example:
localhost:~ # usermod -a -G wheel jsmith
To check if the change was successful, enter the following command:
localhost:~ # groups USERNAME
Example:
localhost:~ # groups jsmith
Create the /etc/sudoers.d/userpw file using vi. Enter the following command:
localhost:~ # vi /etc/sudoers.d/userpw
Add the following entry:
Defaults !targetpw
To save the changes, press the escape key and then type the following command:
:wq
Testing Sudo-Enabled Users
To test whether the sudo permissions work, do the following:
To change the user, enter the following command:
[root@localhost ~]# su USERNAME
Example:
[root@localhost ~]# su jsmith
List the contents of the /root directory. To do this, type the following command:
[maxmustermann@localhost root]$ sudo ls -la /root
The first time you use sudo in a session, you are prompted for the user's password.
Enter the user's password.