Understanding how to add a new user to the sudoers file in Ubuntu is a fundamental skill for administrators and users who manage systems. Sudo, short for “superuser do,” is a powerful command that allows a permitted user to execute a command as the superuser or another user, as specified by the security policy.
Adding a user to the sudoers file is not just about granting elevated privileges; it’s about enabling responsible and controlled access to critical system functions. This process involves editing the sudoers file, a critical task that requires precision and an understanding of Linux permissions.
Let’s dive into the technical steps to accomplish this task.
Change to Root Account
Logging into the Ubuntu root account proves critical for creating a new user with sudo privileges. The Ubuntu installation process generates the root account, which is accessible with a user-set password necessary for creating a new sudo user. Ensure this password is secure and use it only when necessary, such as when adding new sudo users.
Switch to the root account using the “su” command in the terminal:
suAfter entering the root password, the system will prompt confirmation before granting access to the root account. Upon verifying the password, the terminal will display the username as “root,” indicating that you have successfully logged in as the root user.
Example output of root account:
root@ubuntu-linux:/home/joshua# If you have forgotten your root password but have sudo access, you can reset the root password using the following command:
sudo passwd rootCreate a New User
Adding a new user with sudo privileges to a Ubuntu system starts with creating the user account. Although granting administrative privileges to an existing user account is possible, this guide will explain the steps for creating a new account from the beginning.
You can use the “adduser” command in the terminal to create a new user account, followed by the desired username. The system will prompt you to enter additional information, such as the user’s full name, password, and contact information.
Run the following command to add a new user to your Ubuntu system:
adduser <example username>Example with my name:
adduser joshAfter executing the command and pressing enter, the system prompts you to create a password for the new user account. A strong password is crucial for account security. A recommended password includes a mix of uppercase and lowercase letters, symbols, numeric values, and special characters to increase complexity and difficulty guessing or cracking.
Since the new user account possesses sudo privileges providing administrative access to the system, a strong password is crucial. Unauthorized access with these privileges could severely damage the system or result in data loss. Therefore, only authorized individuals should access the new user account and use a strong password.
Fill out New User Information (Optional)
After setting the new user’s password, the system prompts you for additional user information like full name, contact details, and other relevant data. Although you don’t have to provide these details, supplying as much information as possible helps accurately represent the user in the system.
If you skip providing additional information, press the enter key to proceed to the next stage. Remember, the system uses the information you provide for identification and accurate user representation.
After completing the previous step, you should type “Y” and press the enter key to add the new user to the system.
Confirm New User
To verify the successful addition of the new user, execute the following command in the terminal:
grep 'username' /etc/passwdReplace “username” with the username of the new user you created. This command searches the system’s password file for the user’s name and displays their account information, such as their home directory and login shell.
Understand that the system stores new and existing user information in the /etc/passwd file. This file contains crucial user details, including user name, user ID, group ID, home directory, and shell. These details facilitate authentication, authorization, and system administration tasks. Therefore, regularly update and maintain this file for seamless system management.
Add New User To Sudoers Group
In the next section, after acquiring knowledge about adding a user to the system, you will learn how to grant sudo privileges to the newly added or existing user. To achieve this, execute the command below:
sudo usermod -aG sudo <example username>Example with my name:
sudo usermod -aG sudo joshVerifying the successful addition of the user to the sudoers group is good practice. Achieve this by executing the “id” command as shown below:
id <username>Replace “<username>” with the specific username you wish to verify when using the “id” command. This command reveals user details, including user ID, group ID, and membership in additional groups. If the user belongs to the sudo group, they have received sudo privileges successfully.
Below is an example with my username:
id joshExample output:
uid=1001(josh) gid=1001(josh) groups=1001(josh),27(sudo)You can also use the “gpasswd” command as an alternative. Below is an example of how to use the “gpasswd” command to grant sudo privileges to a user:
gpasswd -a <example username> sudoTo use the “gpasswd” command to grant sudo privileges to a user, replace “<username>” with the actual username of the user you want to add to the sudoers group. This command will add the user to the sudo group, thus granting them sudo privileges.
Below is an example with my username:
gpasswd -a josh sudoExample output:
adding josh to group sudoConfirm New Sudo User
After adding the desired user to the sudoers group, test the account to confirm that sudo privileges have been successfully granted. Use the “su” command to switch to the newly created user account, entering the command followed by the username as shown below:
su <example username>To test the new user’s sudo privileges, replace “<username>” with the username of the user you have granted sudo access. This command will switch the user to the newly created or existing account, allowing you to test the account’s sudo privileges.
Example with my name:
su joshYou can verify the username by executing the “sudo whoami” command. This command will display the username of the current user with elevated privileges.
sudo whoamiWhen you execute the “sudo whoami” command, the system prompts you to enter the password for the sudo user. Upon entering the correct sudo username and password, a confirmation message appears, indicating granted sudo privileges for performing administrative tasks on the system.
rootCongratulations! You have successfully added a new user to the sudoers group and granted them elevated privileges on Ubuntu.
Conclusion
We’ve walked through the steps to add a new user to the sudoers file on Ubuntu, ensuring you can confidently grant the necessary permissions. Remember, great power comes with great responsibility, so always double-check your entries and understand the privileges you’re assigning. Keep your system secure by reviewing your sudoers periodically and tailoring access as needed. Whether setting up a new team member or tweaking your setup, these insights will help keep your Ubuntu system running smoothly and securely.