How to add user to sudoers – configure sudo access

Aug 5, 2016 Linux

configure sudo access in redhat
The sudo command offers a mechanism for providing trusted users with administrative access to a system without sharing the password of the root user.
A sudoer (regular user added to sudoers) once authenticated, can execute the administrative commands like they were run by the root user.

In this tutorial we present two examples:

  • How to add regular user to the wheel group and give the wheel group the unlimited root access
  • How to add particular user to the sudoers


How to add regular user to the wheel group and give the wheel group the unlimited access?

1. Login to the system as root user

[root@server ~]#

2. Create regular user

[root@server ~]# useradd tuxfixer

3. Set password for new user

[root@server ~]# passwd tuxfixer
Changing password for user tuxfixer.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

4. Edit sudoers file

Edit /etc/sudoers file using visudo command:

[root@server ~]# visudo

Uncomment wheel parameter by removing # mark (allows users in wheel group to execute root’s commands after password authentication):

## Allows people in group wheel to run all commands
wheel   ALL=(ALL)       ALL

Note: never edit sudoers file using different tools than visudo, which edits the sudoers file in a safe fashion – it locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors.

5. Add regular user to the wheel supplementary group:

[root@server ~]# usermod -aG wheel tuxfixer

Verify supplementary group for the user:

[root@server ~]# id tuxfixer
uid=1001(tuxfixer) gid=1001(tuxfixer) groups=1001(tuxfixer),10(wheel)

6. Test sudo configuration for regular user

Logout as root and login as newly created regular user:

[tuxfixer@server ~]#

Try to execute some admninistrative command (that usually requires root authentication) as regular user using sudo:

[tuxfixer@server ~]$ sudo systemctl stop libvirtd

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for tuxfixer:

How to add particular user to the sudoers?

1. Login to the system as root user

[root@server ~]#

2. Create regular user

[root@server ~]# useradd tuxfixer

3. Set password for new user

[root@server ~]# passwd tuxfixer
Changing password for user tuxfixer.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

4. Edit sudoers file

Edit /etc/sudoers file using visudo command:

[root@server ~]# visudo

Add the following lines (allows user tuxfixer to execute root’s commands after password authentication):

## Allows tuxfixer to run all commands
tuxfixer  ALL=(ALL)       ALL

5. Test sudo configuration for particular user

Login as newly created user:

[tuxfixer@server ~]#

Execute administrative command (that usually requires root authentication) as sudoer using sudo:

[tuxfixer@server ~]$ sudo systemctl disable libvirtd
[sudo] password for tuxfixer:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.