Home Linux guides How to Add User to Sudoers & Add User to Sudo Group...

How to Add User to Sudoers & Add User to Sudo Group in Rocky Linux 8

96
2

The Sudo command stands for “Super User DO“. This command temporarily elevates the privileges of a regular user to help him run administrative tasks. When a regular user runs this command and supplies the password, he is able to temporarily get admin rights to install a package, remove a package, access restricted files, and make changes to them and so on.

The Sudo command thus allows a permitted user to execute a command as a superuser or another user as specified in the security policy.

In this article i will take you through the steps to add a user to the sudoers in Rocky Linux.

Requirements:

  • A system running on Rocky Linux 8
  • Access to a root account.

Adding a User to Sudoers on Rocky Linux 8.

Method 1

Step 1 : Login as Admin.

Login to your local machine as an administrator. For remote connection i.e connection over a network, open your terminal window and run the command:

ssh [email protected]_ip_address

The server_ip_address represents the network server IP address that you wish to login into. Enter your password after the prompt. in this article, I will use my server’s IP 192.168.201.2

The command output :

[[email protected] ~]$ ssh [email protected]
[email protected]'s password: 
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Mon Sep 27 17:04:45 2021 from 192.168.201.1
[[email protected] ~]# 

Step 2 : Create a Sudo User.

To create a new Sudo User, open your terminal and execute the command below.

adduser UserName

I will create a new User called Calvin.

[[email protected] ~]# adduser Calvin
[[email protected] ~]# 

The next thing is to create a password for our UserName ( Calvin ). This is achieved by issuing the command :

passwd UserName 

Your output should look like this.

[[email protected] ~]# passwd Calvin
Changing password for user Calvin.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[[email protected] ~]# 

You will be prompted to supply and confirm the password for the new user. Please supply a strong password. If successful, you will see this message “passwd: all authentication tokens updated successfully.”

We now look at how to add our user to a Sudo Group.

Adding Users to Sudo Group.

Rocky Linux has a user group called the “wheel” group. Adding a user to this group automatically grants him Sudo privileges. The fastest way to grant a user sudo privileges is by adding the user to this group.

Step 1 : Verify if Wheel Group is enabled on Rocky Linux 8.

This group may/may not be enabled by default. To see if enabled or disabled, open the configuration file by issuing the command:

visudo

This command opens the sudo configuration file. Scroll down through the file until you see the entry that looks like this:

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

If line 2 begins with a # it means that the wheel group is disabled. # represent a comment, and to enable the group, we must remove the # symbol before the wheel.

In my output, the wheel group is already enabled as there is no # symbol preceding the wheel.

Once you make your changes (if needed), save your sudo configuration file and exit your editor.

Step 2 : Add User to Group.

To add our user Calvin to the wheel group, run the command:

usermod -aG wheel UserName

As shown below.

[[email protected] ~]# usermod -aG wheel Calvin
[[email protected] ~]# 

Step 3 : Switch to the Sudo User.

To switch user (su) to the newly created user, execute the command :

su - UserName

Command output using my User Calvin looks like this:

[[email protected] ~]# su - Calvin
[[email protected] ~]$ 

After issuing the command, notice our prompt has changed from root to Calvin.

Now try and list the contents of the /root directory by running the command:

sudo ls -la /root

The output:

[[email protected] ~]$ sudo ls -la /root

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for Calvin: 
total 156
dr-xr-x---.  5 root root    237 Sep 27 17:23 .
dr-xr-xr-x. 17 root root    224 Sep 27 16:26 ..
-rw-------.  1 root root   1368 Sep 27 16:33 anaconda-ks.cfg
-rw-------.  1 root root    240 Sep 27 17:23 .bash_history
-rw-r--r--.  1 root root     18 Mar 14  2021 .bash_logout
-rw-r--r--.  1 root root    176 Mar 14  2021 .bash_profile
-rw-r--r--.  1 root root    176 Mar 14  2021 .bashrc
drwx------.  4 root root     44 Sep 27 16:46 .cache
drwx------.  3 root root     18 Sep 27 16:46 .config
-rw-r--r--.  1 root root    100 Mar 14  2021 .cshrc
drwx------.  3 root root     25 Sep 27 16:46 .dbus
-rw-r--r--.  1 root root   1755 Sep 27 16:47 initial-setup-ks.cfg
-rw-r--r--.  1 root root 118992 Sep 27 17:18 latest
-rw-r--r--.  1 root root    129 Mar 14  2021 .tcshrc
-rw-r--r--.  1 root root    165 Sep 27 17:21 .wget-hsts

On issuing the command, you will be prompted to provide the password of our new sudo user. Once you supply the password, you are able to list the contents of the /root directory.

Since /root directory is only accessed by root or sudo users, the fact that you are able to list the contents of the folder is prove enough that your user is now a sudo user.

Congratulations, you have now created a user and added him/her to the wheel group.

Method 2 :

Alternative Method : Add User to Sudoers Configuration File.

You can directly add users to the sudoers group by editing the sudoers configuration file and granting them sudo privileges. This is what you do:

Step 1 : Open the sudoers file.

Using the text editor of your choice, and as root, issue this command:

visudo

This opens the /etc/sudoers file.

Sample output:

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

Step 2 : Add the New User to file

Navigate your file to the root section.

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

Below the last line, configure your user by adding the following line of text:

UserName ALL=(ALL) ALL

defining our user Calvin, our output will be as below.

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
Calvin  ALL=(ALL)       ALL

It’s good to point out that you must be in insert mode for you to make any changes to the file. After your changes, save your file and exit your editor.

Step 3 : Test Sudo Privileges for the User Account.

Switch user to your NewUser by this command:

su - UserName 

Command output:

[[email protected] ~]# su - Calvin
[[email protected] ~]$ 

Notice your prompt has changed to the new user.

We can list the contents of /root directory with our user.

sudo ls -ls /root

You will be prompted to supply the password for the user.

The output is as below:

[[email protected] ~]$ sudo ls -la /root
[sudo] password for Calvin: 
total 156
dr-xr-x---.  5 root root    237 Sep 27 17:23 .
dr-xr-xr-x. 17 root root    224 Sep 27 16:26 ..
-rw-------.  1 root root   1368 Sep 27 16:33 anaconda-ks.cfg
-rw-------.  1 root root    240 Sep 27 17:23 .bash_history
-rw-r--r--.  1 root root     18 Mar 14  2021 .bash_logout
-rw-r--r--.  1 root root    176 Mar 14  2021 .bash_profile
-rw-r--r--.  1 root root    176 Mar 14  2021 .bashrc
drwx------.  4 root root     44 Sep 27 16:46 .cache
drwx------.  3 root root     18 Sep 27 16:46 .config
-rw-r--r--.  1 root root    100 Mar 14  2021 .cshrc
drwx------.  3 root root     25 Sep 27 16:46 .dbus
-rw-r--r--.  1 root root   1755 Sep 27 16:47 initial-setup-ks.cfg
-rw-r--r--.  1 root root 118992 Sep 27 17:18 latest
-rw-r--r--.  1 root root    129 Mar 14  2021 .tcshrc
-rw-r--r--.  1 root root    165 Sep 27 17:21 .wget-hsts

The output proves that our user is a sudo user.

Conclusion.

That is “How to Add User to Sudoers & Add User to Sudo Group in Rocky Linux 8″. I hope the article was helpful to you. The Sudo command is very crucial to any administrator for running his administrative roles like package installation, removing an installed package, updating and upgrading your system, and so on. It is good practice to use the sudo command instead of the critical root account. If a root account falls on the wrong hands, then the repercussions can be detrimental. Always take caution.

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here