If you’re a Linux system admin, you probably find yourself scrambling to keep everything in check every day. There’s a lot to be done and doing this with a nod to security makes the task even more challenging. That’s why you dole out tasks to those admins under you. After all, if you attempt to do everything yourself, eventually you’re going to make a mistake, and mistakes can be disastrous in today’s light speed world of business. You create new users on your Linux servers and let those admins do their thing.
Problem is, when you create a new user, that user doesn’t have admin privileges. What do you do? Let me show you. In fact, I’m going to walk you through the process of creating an admin-ready user on Linux with just a few quick commands. I’ll demonstrate this on both Ubuntu Server 20.04 and CentOS 8, so you should be able to handle the task no matter what distribution you’re on.
SEE: Linux service control commands (TechRepublic Premium)
What you’ll need
- A running instance of Linux
- A user with sudo privileges
How to create a sudo-able user on Ubuntu Server
First, we’ll demonstrate how this is done on Ubuntu Server. Here, you can take care of creating the user with only two commands. The first command will create the new user:
sudo adduser USERNAME
Where USERNAME is the name of the user you want to add.
The adduser command will not only have you create a password for the user, but also have you enter the following (optional) details:
- Full Name
- Room Number
- Work Phone
- Home Phone
- Other
The adduser command will also automatically create the new user’s home directory, so you don’t have to worry about that.
With the new user created, it’s time to give them sudo rights. For this we’ll use the usermod command like so:
sudo usermod -aG sudo USER
Where USER is the new username.
You’ve just created a new user and given them sudo privileges on Ubuntu Server.
How to create a sudo-able user on CentOS
Here we have to take an extra step. First we create the user with command:
sudo adduser -m USER
Where USER is the username to be added. We include the -m option to ensure the home directory is created along with the user.
Next, we need to set the password for the user. However, we’re going to set the password such that the user will have to change their password upon first login. To do that we first must set an initial password with the command:
sudo passwd USER
Where USER is the new username we created.
This will prompt you to type and verify a new password. Once you’ve set that, you can then expire the password with the command:
sudo passwd --expire USER
Where USER is the new username we created.
Finally, we give the user admin privileges with the command:
sudo usermod -aG wheel USER
Where USER is the new username we created.
There you have it–you’ve created a new user and given them sudo privileges on both Ubuntu and CentOS. Now you only have to hope those users will employ sudo with caution.
How to remove sudo rights
If you find one of your admins not using sudo with respect to your policies, you might have to remove their rights. To do that, you’ll edit the /etc/group file and remove their name from either the sudo or the wheel entry. To do that, issue the command:
sudo nano /etc/group
Scan through that file for either the sudo (Ubuntu) or wheel (CentOS) entry (Figure A). When you find it, you should see the new user listed. Remove them from that line, save and close the file, and that user will no longer have sudo privileges.
Figure A
And that’s all there is to creating new users with admin privileges on Linux.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)