If you’re a Linux system admin, you probably find yourself scrambling to keep everything in check every day. There’s a lot to be done and doing this with a nod to security makes the task even more challenging. That’s why you dole out tasks to those admins under you. After all, if you attempt to do everything yourself, eventually you’re going to make a mistake, and mistakes can be disastrous in today’s light speed world of business. You create new users on your Linux servers and let those admins do their thing.

Problem is, when you create a new user, that user doesn’t have admin privileges. What do you do? Let me show you. In fact, I’m going to walk you through the process of creating an admin-ready user on Linux with just a few quick commands. I’ll demonstrate this on both Ubuntu Server 20.04 and CentOS 8, so you should be able to handle the task no matter what distribution you’re on.

SEE: Linux service control commands (TechRepublic Premium)

What you’ll need

  • A running instance of Linux
  • A user with sudo privileges

How to create a sudo-able user on Ubuntu Server

First, we’ll demonstrate how this is done on Ubuntu Server. Here, you can take care of creating the user with only two commands. The first command will create the new user:

sudo adduser USERNAME

Where USERNAME is the name of the user you want to add.

The adduser command will not only have you create a password for the user, but also have you enter the following (optional) details:

  • Full Name
  • Room Number
  • Work Phone
  • Home Phone
  • Other

The adduser command will also automatically create the new user’s home directory, so you don’t have to worry about that.

With the new user created, it’s time to give them sudo rights. For this we’ll use the usermod command like so:

sudo usermod -aG sudo USER

Where USER is the new username.

You’ve just created a new user and given them sudo privileges on Ubuntu Server.

How to create a sudo-able user on CentOS

Here we have to take an extra step. First we create the user with command:

sudo adduser -m USER

Where USER is the username to be added. We include the -m option to ensure the home directory is created along with the user.

Next, we need to set the password for the user. However, we’re going to set the password such that the user will have to change their password upon first login. To do that we first must set an initial password with the command:

sudo passwd USER

Where USER is the new username we created.

This will prompt you to type and verify a new password. Once you’ve set that, you can then expire the password with the command:

sudo passwd --expire USER

Where USER is the new username we created.

Finally, we give the user admin privileges with the command:

sudo usermod -aG wheel USER

Where USER is the new username we created.

There you have it–you’ve created a new user and given them sudo privileges on both Ubuntu and CentOS. Now you only have to hope those users will employ sudo with caution.

How to remove sudo rights

If you find one of your admins not using sudo with respect to your policies, you might have to remove their rights. To do that, you’ll edit the /etc/group file and remove their name from either the sudo or the wheel entry. To do that, issue the command:

sudo nano /etc/group

Scan through that file for either the sudo (Ubuntu) or wheel (CentOS) entry (Figure A). When you find it, you should see the new user listed. Remove them from that line, save and close the file, and that user will no longer have sudo privileges.

Figure A

Removing sudo rights from CentOS (top) and Ubuntu (bottom).

And that’s all there is to creating new users with admin privileges on Linux.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.


Image: iStock/Stock Depot

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday