
Rocky Linux and AlmaLinux are the top replacement Operating system for CentOS. This project came into existence once CentOS moved from an enterprise-stable operating system to an upstream development branch of RHEL.
Sudo stands for "substitute user do" or "super user do". This gives a current user to run programs with security privileges temporarily, by default the root user. The sudoers file is located at /etc/sudoers which contains the security policy for system users and groups to determine sudo privileges.
In this tutorial learn how to add a user to sudoers in AlmaLinux or Rocky Linux.
Create a new sudo user on AlmaLinux or Rocky Linux
Lets first create a new user to your system:
# adduser bob
Now set a password for the new user using the passwd command:
# passwd bob
In AlmaLinux or Rocky Linux, all members of the wheel group have sudo access. Use usermod command to add the user bob to the wheel group:
# usermod -aG wheel bob
There are two methods to add an existing user to sudoers: adding the user to the wheel group or add the user to the sudoers file.
Adding an existing user to wheel group
This is the easiest method to grant sudo access to any existing user, by adding the user to the wheel group.
Use the following command to add the user tom to the wheel group:
# usermod -aG wheel tom
Replace tom
with the username of your system.
Adding an existing user to the sudoers file
The file /etc/sudoers allows customized access to users and commands. You grant user the sudo access by modifying this file.
You can edit /etc/sudoers file using visudo command. This command helps to check any syntax error before saving to avoid any mistakes.
First, open the /etc/sudoers file:
$ visudo
Scroll to the very bottom or press Shift + G
and then add the following line:
bob ALL=(ALL:ALL) NOPASSWD:ALL
Replace bob
with the username of your system. Setting to NOPASSWD
disables the password authentication when running the sudo command.
You can now save and quit from the editor.
Alternatively, you can create a file inside the /etc/sudoers.d directory and add the above line.
You also set the user to run specific commands as follows:
username ALL=(ALL) NOPASSWD:/usr/bin/ls,/usr/bin/df
You can also add a group to the sudoers file by adding a percent symbol at the beginning of the line.
%admingroup ALL=(ALL:ALL) NOPASSWD:ALL
Test sudo Access
You can test sudo access in few different ways.
Run the whoami command with prefix sudo:
$ sudo whoami
If the output displayed is 'root' then the user has sudo access.
Alternatively try to list the content of /root by:
$ sudo ls -la /root
If the user does have sudo privilege you get an error displaying 'user is not in the sudoers file'. The sudo logs are stored in /var/log/secure.
Conclusion
In this tutorial learn how to add a user to sudoers in AlmaLinux or Rocky Linux. Thanks for reading, please leave your feedback and suggestions in the comment section.