Creating a Sudo-Enabled User
By default, the root user is set up during the installation of Linux. This user has all the rights to administer the operating system. The other users initially do not have administrator privileges.
The sudo command allows authorized users to run programs with root privileges. This article explains how to create a sudo-enabled user.
Creating Users
CentOS 7, CentOS Stream 8, and CentOS Stream 9
Log in as the root user on the desired server.
To create a new user, enter the following command:
[root@localhost ~]# adduser USERNAME
Example:
[root@localhost ~]# adduser johnsmithTo set the password of the new user, enter the following command:
[root@localhost ~]# passwd USERNAME
Example:
[root@localhost ~]# passwd johnsmithEnter the desired password and repeat it.
Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Debian 10, and Debian 11
Log in as the root user on the desired server.
To create a new user, enter the following command:
[root@localhost ~]# adduser USERNAME
Example:
[root@localhost ~]# adduser johnsmithEnter the desired password and repeat it.
Optional: Enter additional user information. To skip entering this information, press Enter.
Changing the user information for maxmustermann
Enter the new value, or press ENTER for the default
Full Name [ ]:
Room Number [ ]:
Work Phone [ ]:
Home Phone [ ]:
Other [ ]:
Is the information correct? [Y/n]Type Y and press Enter.
Suse Linux
Log in as the root user on the desired server.
To create a new user, enter the following command:
localhost: ~ # useradd USERNAME
Example:
localhost: ~ # useradd jsmithTo set the password of the new user, enter the following command:
localhost: ~ # passwd USERNAME
Example:
localhost: ~ # passwd jsmithEnter the desired password and repeat it.
Test Sudo and Install (If Necessary)
Test to see if sudo is installed. To do this, type the following command:
sudo ls -la /root
If you see the message bash: sudo: command not found, sudo is not installed.If sudo is already installed, you can skip this step. To install sudo, enter the following command:
CentOS 7, CentOS Stream 8, and CentOS Stream 9
yum install sudo -y
Debian and Ubuntu
apt install sudo
Suse Linux
zypper in sudo
Assigning Sudo Rights to a User
CentOS 7, CentOS Stream 8, and CentOS Stream 9
To assign sudo privileges to a user in CentOS 7, CentOS Stream 8, and CentOS Stream 9, you must add the user to the wheel group. To add the user to this group, enter the following command:
[root@localhost ~]# usermod -aG wheel USERNAME
Example:
[root@localhost ~]# usermod -aG wheel jsmith
To check if the change was successful, enter the following command:
localhost:~ # groups USERNAME
Example:
localhost:~ # groups jsmith
Debian and Ubuntu
To assign sudo privileges to a user in Debian and Ubuntu, you must add the user to the sudo group. To add the user to this group, enter the following command:
[root@localhost ~]# usermod -aG sudo USERNAME
Example:
[root@localhost ~]# usermod -aG sudo jsmith
To check if the change was successful, enter the following command :
localhost:~ # groups USERNAME
Example:
localhost:~ # groups jsmith
Suse Linux
To assign sudo privileges to a user in Suse Linux, do the following:
Locate the system-group-wheel and system-user-mail packages. To do this, enter the following command:
localhost:~ # zypper se wheel mailTo install the packages, enter the following commands:
localhost:~ # sudo zypper install system-group-wheel
localhost:~ # sudo zypper install system-user-mailOpen the /etc/sudoers file using the vim editor. Enter the following command:
localhost:~ # visudoMake sure that the commenting has been removed in the following lines. If necessary, remove the # character at the beginning of the line: # Defaults targetpw # ask for the password of the target user i.e. root
And also this line:
# ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
Note
The vim editor has an insert mode and a command mode. You can enter the insert mode by pressing the i key. In this mode, the entered characters are immediately inserted into the text. To enter the command mode, press the ESC key afterwards. When you use the command mode, your keyboard inputs are interpreted as a command.
Caution
If you only uncomment the line "Defaults targetpw" and leave the line ALL ALL=(ALL) ALL # WARNING! commented, all users will have access to the root level of the utilities by entering their own password.
Look for the User privilege specification entry.
To grant all members of the wheel group the privileges to execute all commands, you must remove the # character at the beginning of the following line to uncomment it:
# %wheel ALL=(ALL) ALLTo save the changes, press the escape key and then type the following command:
:wqTo assign sudo privileges to a user, you must add the user to the wheel group. To add the user to this group, type the following command:
localhost:~ # usermod -a -G wheel USERNAME
Example:
localhost:~ # usermod -a -G wheel jsmithTo check if the change was successful, enter the following command:
localhost:~ # groups USERNAME
Example:
localhost:~ # groups jsmithCreate the /etc/sudoers.d/userpw file using vi. Enter the following command:
localhost:~ # vi /etc/sudoers.d/userpwAdd the following entry:
Defaults !targetpwTo save the changes, press the escape key and then type the following command:
:wq
Testing Sudo-Enabled Users
To test whether the sudo permissions work, do the following:
To change the user, enter the following command:
[root@localhost ~]# su USERNAME
Example:
[root@localhost ~]# su jsmithList the contents of the /root directory. To do this, type the following command:
[maxmustermann@localhost root]$ sudo ls -la /rootThe first time you use sudo in a session, you are prompted for the user's password.
Enter the user's password.