Blog Post
How to Add User to Sudoers or Sudo Group on CentOS 7
Commands

How to Add User to Sudoers or Sudo Group on CentOS 7

When it comes to a professional or technical workspace, dividing privileges to run commands becomes necessary. More so if your team is working on Linux systems since it holds a greater capacity of editing data at hardware levels. One such example is the “root” user in CentOS.

If another “root” user is required in the workspace, there are certain steps that you need to follow before adding users. CentOS offers the ‘sudo’ command for such cases. The command ‘sudo’ means superuser do and it enables users to run commands as the “root” user.

One method to add users is by adding them to the sudoers file. The sudoers file is basically a config file containing data about the users, groups, and their level of privileges granted.

Another method is to add users into the “wheel” group which is provided by CentOS. This step works for RedHat based distribution systems, especially.

How to Add Users into the Wheel Group

First, check if the “wheel” group is enabled or not with the visudo command.

After using the command, you will see a config file open. Scroll through it and look for this:

# %wheel             ALL=(ALL)         ALL

If you see the # sign, delete it since it is used for disabling commands by marking the command as a comment. The command should look like this instead:

%wheel               ALL=(ALL)          ALL

To add a user into the “wheel” group, use the following:

usermod -aG wheel Username

The “Username” will be the username of the user to be added. Example:

usermod -aG wheel SlimShady

You can test and verify this by getting into “root” with the new user and running any sudo command. Example:

su - SlimShady

Or use the whoami command for verification.

Syntax: sudo whoami

A prompt should appear requesting the password and if the user has sudo access, the output should print out “root”.

Expected output: root

If the user has not been authorized for sudo privileges, a message saying “user is not in the sudoers file” will appear.

How to Add Users into the Sudoers File

As said above, the sudoers file is a config file that contains all the data about users, groups, and their privilege levels. If certain “wheel” group issues or company policies prevent you from using the “wheel” group addition method, you can instead add users directly into the sudoers file. An advantage to this is that the sudoers file allows for more customization options for commands and specific privileges.

The sudoers file is usually located in the /etc/sudoers directory or you can create a new file in /etc/sudoers.d directory.

We again make use of the visudo command, this time in order to edit the sudoers file. You could also use a text editor but unlike visudo, it won’t check for syntax errors and you may end up losing sudo access due to an error.

If you are a beginner and prefer using nano text editor, you can type:

editor=nano visudo

Otherwise, continue with this command: visudo

This should open the /etc/sudoers config file. Next, scroll down till you find this line:

root ALL=(ALL) ALL

Press Enter and add this in the next line:

Syntax:

Username ALL=(ALL) ALL

Example:

SlimShady ALL=(ALL) ALL

Therefore, the adding users section in the sudoers config file should look like this:

root ALL=(ALL) ALL

SlimShady ALL=(ALL) ALL

You can also add further customizations to the user, such as allowing it to access files or run commands without needing to enter the password. To do this, for example, enter:

SlimShady ALL=(ALL) NOPASSWD:ALL

Another example would be to only allow specific commands to the user. Suppose you want to allow user “SlimShady” to only restart “DeltaPrune”, then use:

SlimShady ALL=(ALL) /bin/fun restart DeltaPrune

Or if you want to exclusively allow ping commands only, for instance. Use:

SlimShady ALL=(ALL) NOPASSWD:/ur/bin/ping

This allows for better customization and to-the-point division of privileges for all users.

Conclusion

The sudo command and feature in Linux CentOS enables for comprehensive administration of systems and users individually and as groups. Through the “wheel” group method and sudoers file method, it is not only possible to create and add new users but also modify and edit their privileges to the minutest detail.

Related posts

Leave a Reply

Required fields are marked *

Copyright © 2020 Blackdown.org. All rights reserved.