![]() ![]() If you are not comfortable with command line and wants to create a new sudo user from GUI then refer the below steps.įrom the Activity, search users and click on user’s icon as show below, Creating new sudo user from Desktop Environment (GUI) After that interval, it will prompt to enter password again while executing sudo command. When we run the command with sudo first time then it will prompt you to enter user’s password and will save it for next 5 minutes. # su – sysopsĪs we can see above, sysops user is able to run admin commands by putting sudo in front of each command. To test sudo access, switch to sudo user and try to run some admin commands by placing sudo in front of command. # usermod -aG sudo > Testing Sudo User Access To add an existing user to sudo group, run Output of id command confirms that sysops user is created successfully, now add this user to sudo group using usermod command, # usermod -aG sudo sysops This command will prompt to set password of sysops user and other details as shown below, To create new sudo user, open the terminal and switch to root user and run following command, In this post, we have tested following commands on Ubuntu 22.04 LTS (Jammy Jellyfish). If we add any regular user to that sudo group then that user will have sudo admin rights. This way, you can manage which user can run which commands as root.When we install Ubuntu Desktop or Ubuntu server then a group named ‘ sudo’ is created automatically. You can add other commands like this by adding the full path of the command (e.g., which ls), prefixed by an exclamation mark. Here, the user kal can run all commands as root except for rm and ls. kal ALL=(ALL) ALL, !/usr/bin/rm, !/usr/bin/ls Add the following line in the file and save it to accomplish this. sudo visudo /etc/sudoers.d/kalįor instance, lets restrict the user kal from using some commands as root. Instead, I advise creating a new file for the user in the /etc/sudoers.d/ directory and defining the permissions there. You could directly edit the sudoers file and add the following code at the end of the line but that’s not good practice. Now, let’s say you want to restrict a user in the sudo group from running certain commands with root privileges. Similarly, lines beginning with % indicates group rules. The fourth ALL specifies that this rule applies to all commands.The third ALL specifies that the root user can execute commands as all groups.The second ALL specifies that root user can execute commands as all users.The next parameter (ALL) specifies that this rule applies to all hosts.The first parameter (root) specifies the user that the rule applies to.Let’s look at the default configs first, starting with the root ALL=(ALL:ALL) ALL rule. ![]() Keep in mind that you should never edit this file with a normal text editor, you should always use visudo. You can instead assign specific permissions to certain users and groups by editing the /etc/sudoers file. But as stated, this isn’t ideal in terms of security. Add the User to the sudoers Fileīy default, all sudo users have super-user privileges. For instance, you could run sudo whoami or sudo cat /etc/sudoers. Or you can simply use su kal switch to the new account and test directly. You can run id kal or groups kal and confirm that sudo is listed. There are various ways to verify the change. Now, append the user to the sudo group with sudo usermod -aG sudo kal Set a password for the user with sudo passwd kal Add the User to the Sudo Group Note: The -m option in adduser creates a home directory for a new user in Ubuntu automatically. Now, type the following command to create a new user sudo useradd -m kal Create a New Userīefore you start, you can check the members of the sudo group with getent group sudoĪdditionally, you’ll need root access to add a sudo user. This allows you to assign permissions on a least privilege basis instead of giving blanket root access to all sudo users, which is much more secure. But you can also customize the permissions sudo provides to various users and groups, including the sudo group itself. ![]() In practice, this usually means that users in the sudo group can run programs with root privileges.Īdding sudo users in Ubuntu is a very simple process, and most users stop there. Sudo, also known as Super User Do, is a program that lets users execute commands with the specified privileges. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |