If you are working in linux environment root is the super user and normal user accounts don’t have that much privileges like root account. Giving root password to all other linux users is not a safe method. To overcome this kind of issues in linux we have a sudo access concept. In this post we can learn about how to provide sudo or root access to non-root or normal users in linux ubuntu/redhat and centos operating systems.
Steps to create
sudoers file in Centos/Redhat without modifying Sudoers file
- Login to your server with root username and password.
[hadoop@localhost ~]$ ssh email@example.com The authenticity of host '192.168.xxx.xx (192.168.xxx.xx)' can't be established. ECDSA key fingerprint is SHA256:t9FzoR2YBjvKsMaziU9PLthJHsxX7ioO878o5kNhDTI. ECDSA key fingerprint is MD5:27:f2:64:c6:b1:8d:a6:93:f8:2a:76:da:b3:b1:db:fc. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.xxx.xx' (ECDSA) to the list of known hosts. firstname.lastname@example.org's password: Last login: Wed Apr 29 13:37:11 2020 [root@localhost ~]#
2. Create a new user by using linux adduser command.
[root@localhost ~]# adduser mahi [root@localhost ~]# id mahi uid=1010(mahi) gid=1010(mahi) groups=1010(mahi) [root@localhost ~]#
replace mahi with your required username.
3. Now set a password to your newly created user id by using passwd username command. Recommended a strong password
[root@localhost ~]# passwd mahi Changing password for user mahi. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@localhost ~]#
4. Now add the new user to wheel group. Wheel group is by default root privileged group in centos/Redhat. By using usermod command you can add wheel group to your user id.
[root@localhost ~]# usermod -aG wheel mahi
Lets check wheel group is added to new user id or not.
[root@localhost ~]# id mahi uid=1010(mahi) gid=1010(mahi) groups=1010(mahi),10(wheel) [root@localhost ~]#
If you observer above before no groups added to user id mahi, but now wheel group is added.
5. Lets test sudo access on new user account.
Use su command or sudo su – userid or sudo -i -u userid commands to switch to new userid.
[root@localhost ~]# su mahi [mahi@localhost root]$ exit exit [root@localhost ~]# sudo -i -u mahi [mahi@localhost ~]$ exit logout [root@localhost ~]# sudo su - mahi Last login: Wed Apr 29 13:57:45 IST 2020 on pts/1 [mahi@localhost ~]$
6. Test the new userid it is working or not with and without adding sudo
[mahi@localhost ~]$ ls -ltr /root ls: cannot open directory /root: Permission denied [mahi@localhost ~]$
In above command i didn’t used sudo command,that is the reason it got permission denied exception. Now lets try with sudo command.
[mahi@localhost ~]$ sudo ls -ltr /root We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for mahi: total 8 -rw-------. 1 root root 1848 Nov 1 2017 anaconda-ks.cfg -rw-r--r--. 1 root root 1879 Nov 1 2017 initial-setup-ks.cfg [mahi@localhost ~]$ sudo ls -ltr /root total 8 -rw-------. 1 root root 1848 Nov 1 2017 anaconda-ks.cfg -rw-r--r--. 1 root root 1879 Nov 1 2017 initial-setup-ks.cfg [mahi@localhost ~]$
First time it asks you the userid password but next time it won’t ask the password.
Please let us know if i miss any points regrading How To Create Sudo User in Linux Centos/RedHat without Modifying Sudoers file topic by using comments sections.