sudo command stands for “Super User DO” and temporarily elevates the privileges of a regular user for administrative tasks. The
sudo command in CentOS provides a workaround by allowing a user to elevate their privileges for a single task temporarily.
This guide will walk you through the steps to add a user to sudoers in CentOS.
- A system running CentOS 7
- Access to a user account with root privileges
Add User to Sudoers on CentOS
Step 1: Login as Administrator
If you’re working on a local machine, log in to the system with administrator credentials.
If you’re connecting to a remote machine (over a network), open a terminal window and enter the command:
The server_ip_address is the network IP address of the server you’re logging into. Enter your credentials when prompted.
Step 2: Create a New Sudo User
To add a new sudo user, open the terminal window and enter the command:
Use the actual username for your new user in place of UserName.
Next, create a password for the new user by entering the following in your terminal window:
The system should display a prompt in which you can set and confirm a password for your new user account. If successful, the system should respond with “all authentication tokens updated successfully.”
How to Add Users to Sudo Group
By default, CentOS 7 has a user group called the “wheel” group. Members of the wheel group are automatically granted sudo privileges. Adding a user to this group is a quick and easy way to grant sudo privileges to a user.
Step 1: Verify the Wheel Group is Enabled
Your CentOS 7 installation may or may not have the wheel group enabled.
Open the configuration file by entering the command:
Scroll through the configuration file until you see the following entry:
## Allows people in group wheel to run all commands # %wheel ALL=(ALL) ALL
If the second line begins with the # sign, it has been disabled and marked as a comment. Just delete the # sign at the beginning of the second line so it looks like the following:
%wheel ALL=(ALL) ALL
Then save the file and exit the editor.
Note: If this line didn’t start with a # sign, you don’t need to make any changes. The wheel group is already enabled, and you can close the editor.
Step 2: Add User to Group
To add a user to the wheel group, use the command:
usermod –aG wheel UserName
As usual, replace UserName with the name of the user receiving sudo privileges.
Step: 3 Switch to the Sudo User
Switch to the new (or newly-elevated) user account with the
su (substitute user) command:
su - UserName
Enter the password if prompted. The terminal prompt should change to include the UserName.
Enter the following command to list the contents of the /root directory:
sudo ls -la /root
The terminal should request the password for UserName. Enter it, and you should see a display of the list of directories. Since listing the contents of /root requires sudo privileges, this works as a quick way to prove that UserName can use the
Alternative: Add User to Sudoers Configuration File
If there’s a problem with the wheel group, or administrative policy prevents you from creating or modifying groups, you can add a user directly to the sudoers configuration file to grant sudo privileges.
Step 1: Open the Sudoers File in an Editor
In the terminal, run the following command:
This will open the /etc/sudoers file in a text editor.
Step 2: Add the New User to file
Scroll down to find the following section:
## Allow root to run any commands anywhere root ALL=(ALL) ALL
Right after this entry, add the following text:
UserName ALL=(ALL) ALL
Replace UserName with the username you created in Step 2. This section should look like the following:
## Allow root to run any commands anywhere root ALL=(ALL) ALL UserName ALL=(ALL) ALL
Save the file and exit.
Step 3: Test Sudo Privileges for the User Account
Switch user accounts with the
su (substitute user) command:
su — UserName
Enter the password for the account, if prompted. The terminal prompt should change to include UserName.
List the contents of the /root directory:
sudo ls —la /root
Enter the password for this user when prompted. The terminal should display a list of all the directories in the /root directory.
This guide showed you how to add a user to sudoers in CentOS or modify the privileges of an existing sudo user.
sudo command is critical for running advanced and administrative tasks on a Linux system. While this could be done using a root user (or administrator account) using the su command, system administrators advise against operating permanently in a root account. Not only can it be a security risk, but it can also allow changes to a Linux system that can break functionality.