Sudo user is the regular user in Linux which has admin or root privileges to perform administrative tasks. But, by default all regular users in Linux are not sudo users, root user has to manually assign sudo rights to the user by adding it to wheel group.
In RHEL distributions like Red Hat Enterprise Linux, Rocky Linux and AlmaLinux, a group with name ‘wheel’ is created during the installation and its entry is already defined in system’s sudoers file.
# grep -i "^[%wheel]" /etc/sudoers %wheel ALL=(ALL) ALL #
When any regular user is added to this wheel group then that user will get sudo rights and can run all admin commands by using ‘sudo’ in front of the commands. In this post, we will learn how to create a new sudo user on RHEL, Rocky Linux and AlmaLinux OS step by step.
1) Login to system as root
Login to your system as root user or if you have logged-in as regular user switch to root user, use following command
$ su - root
2) Create regular user with useradd command
While creating a new regular user, specify ‘wheel’ as secondary group.
# useradd -G wheel <User_Name>
Let’s assume we want to create a user with name ‘sysadm’, run following useradd command
# useradd -G wheel sysadm
Assign the password to above newly created user with beneath passwd command,
# echo "[email protected]##DW0$Ds" | passwd sysadm --stdin
Note: Replace the password string with the password that you want to set for the user.
Use following command to add an existing regular user to wheel group,
# usermod -aG wheel <User_Name>
Run beneath command to verify whether user is part of wheel group or not.
# id sysadm uid=1000(sysadm) gid=1000(sysadm) groups=1000(sysadm),10(wheel) #
3) Test Sudo User
To confirm whether newly created user has sudo rights or not, run couple of admin commands and don’t forget to type sudo in front of commands.
First switch to regular user or login with regular user and run following commands,
# su - sysadm $ sudo whoami [sudo] password for sysadm: root $ $ sudo dnf install -y net-tools
Output of above command would like below:
Above confirms that user has sudo rights and can run admin commands. If you have noticed carefully, we must specify password for executing admin commands via sudo. In case, you want to run sudo commands without password, then edit the sudoer files, comment out the line “%wheel ALL=(ALL) ALL” and uncomment “# %wheel ALL=(ALL) NOPASSWD: ALL”
# vi /etc/sudoers
Save and exit the file.
Alternate way to run sudo commands without password is that create a separate file with name like ‘sysadm’ under the directory ‘/etc/sudoers.d’ and add the following entry.
User_Name ALL=(ALL) NOPASSWD: ALL
Run beneath echo command to complete above task,
$ su - # echo -e "sysadm\tALL=(ALL)\tNOPASSWD: ALL" > /etc/sudoers.d/sysadm # cat /etc/sudoers.d/sysadm sysadm ALL=(ALL) NOPASSWD: ALL #
Now, if we run admin commands via sudo then it will not prompt for the password.
Great, that’s all from this post. Please do post your queries and feedback in below comments sections.