sudo command is one of the most popular Linux commands.
It allows users to execute commands as another user, the user is configured to run as root by default.
In CentOS 8, there are two methods to add sudoers users: You can add it to the wheel group (similar to Debian-based distributions sudo group), or you can add a user to sudoers file.
The following are the details of the two methods to be used.
prerequisites
In order to grant sudo rights to an existing user, you will need to use the sudo command on CentOS 8 host.
First, make sure the package is up to date on the host, and then install the sudo command.
$ su -
$ yum update
$ yum install sudo
To verify that the correct sudo command following command to install, you can run
$ sudo -l
Add existing users to the wheel group
The first method is to add the user to sudoers adding it to the wheel group.
To add your users to the group, you can use usermod or gpasswd command.
$ sudo usermod -aG wheel <user>
In addition, the use of which is gpasswd command syntax.
Using the groups command to ensure that the user belongs to the wheel group.
Su $ - <the User>
(user password)
$ groups
user wheel
As shown below:
Alternatively, you can run sudo commands on the user to grant administrative privileges.
Congratulations!
You have been added to sudoers in CentOS 8 on the user.
In CentOS 8 installation process, if you choose not to set the root password, the default root of your account may have been locked case. So, if you need the unlock code, you need to set a password for the root user account.
Add an existing user to sudoers file
Another way to grant administrative rights is to add the user to the sudoers file.
By default, sudoers file located by default in / etc / sudoers.
The file contains a set of rules that apply to determine who has administrative privileges on the system, which can use the sudo command to perform the privileged and whether it should prompt for a password.
However, you should not edit your sudoers file, because if any mistakes in this process, you may never be locked out of the host.
You do not have to modify sudoers file, but to use visudo.
Visudo is a tool that can check the completeness and correctness of the command input before saving sudoers file.
To execute visudo, type the following command
$ sudo visudo
You should now see the following screenshot:
At the end of the file, add the following lines.
$ <user> ALL=(ALL:ALL) ALL
Here are some detailed information about the syntax of the sudoers file.
By default, you will be asked every five minutes to perform a sudo account password operations.
However, if you want to delete this password is verified, you can set NOPASSWD options.
$ <user> ALL=(ALL:ALL) NOPASSWD:ALL
If you want to increase the password verification time, you can modify timestamp_timeout (in minutes).
In the example shown below, the system will ask you to provide a user password every thirty minutes.
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Defaults timestamp_timeout=30
The group added to the sudoers file
In sudoers file, you can add users, but also can add a whole group, if you want to set specific rules for different groups, it will be very convenient.
To add the group to the sudoers file, just the beginning of the line to add a percent sign.
$ %sysadmins ALL=(ALL:ALL) NOPASSWD:ALL
Use the command groups the user belongs designed to ensure that your group.
$ su - user
$ groups
user sysadmins
Similarly, you can test whether the changes have been applied to change the password
$ sudo passwd
to sum up
In this tutorial, you learned how to use the usermod command or change the sudoers file to add a user to the sudoers on 8 CentOS.