Home / ubuntu / Questions / 7477
Accepted
David B
Asked: 2010-10-16 04:02:45 +0800 CST

How can I add a user as a new sudoer using the command line?

  • 772

After I add a user using adduser, I can't see it via System > Administration > Users and Groups unless I log out and then log in again. Is that normal?

Also, can I set a newly added user as a sudoer or do I have to change that only after adding it? How can I do that via the shell?

Finally, can I delete the original user that was created upon initial installation of Ubuntu, or is this user somehow 'special'?

command-line sudo user-management

7 Answers

  1. Best Answer

    Just add the user to the sudo group:

    sudo adduser <username> sudo

    The change will take effect the next time the user logs in.

    This works because /etc/sudoers is pre-configured to grant permissions to all members of this group (You should not have to make any changes to this):

    # Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

    As long as you have access to a user that is in the same groups as your "original" user, you can delete the old one.

    Realistically, there are also other groups your new user should be a member of. If you set the Account type of a user to Administrator in Users Settings, it will be placed in at least all of these groups:

    adm sudo lpadmin sambashare

    Because your system configuration may vary, I suggest taking a look at the output of groups <username> to see what groups are normally in use.

    • 1144

  2. I did

    sudo usermod -a -G sudo <username>

    as recommended here.

    • 228

  3. Open the sudoers file: sudo visudo will open the /etc/sudoers file in the editor defined in $EDITOR (probably GNU nano - set the variable if it's not what you want, eg export EDITOR="nano" and try sudo visudo again).

    Add the below line to the end of the file.

    username ALL=(ALL) ALL   # Change the user name before you issue the commands

    Then perform WriteOut with Ctrl + O. The editor will ask you for the file name to write into. The default will be a temporary file that's used by visudo to check for syntax errors before saving to the actual sudoers file. Press Enter to accept it. Quit the nano editor with Ctrl + X.

    Done!

    • 86

  4. One thing I have to add that I'm sure a lot of people don't understand:

    Once you have already done a adduser "username", you can still come back and do a adduser "username" sudo, and it will then add that user to the group properly.

    It actually won't work the first time around like sudo adduser username sudo. It will give you an error. Which in summary means you must first make the user account before you can add them to a group.

    • 32

  5. on CentOS, I do as root

    echo ' username ALL=(ALL)   ALL' >> /etc/sudoers
    • 16

  6. The following snippet grants root access to username without explicitly logging in as root.

    Make sure that the user is added to sudo group first. Tested on Ubuntu 16.04.1 LTS.

    sudo adduser username sudo
sudo sh -c "echo 'username ALL=NOPASSWD: ALL' >> /etc/sudoers"
    • 15

  7. All members of the group admin, are in Ubuntu by default allowed to use sudo, so the easiest way is to add the user account to the admin group.

    If you do not want to give the user account full root access, you need to edit the /etc/sudoer file with visudo (it makes sure that you do not have any syntax errors in the file and lose sudo capability altogether) in a way that you specify what commands this user (or a new group) can execute as root.

    The sudoer manual will give you more information about this. You can specify which commands are permitted by a particular user/group to be executed as root.

    • 12