2023 ACHIEVEMENTS

Take a closer look at all the achieved milestones during 2023.

Watch Short Video
  • +357 2425 0808
  • Login
  • English

Home

Blog

How To Create New Users with Root Access...

How To Create New Users with Root Access and Without Sudo on Linux

How To Create New Users with Root Access and Without Sudo on Linux

NetShop ISP

NetShop ISP · Blog Author

Aug 17, 2022 · Technical Tutorials

In this guide, we will tackle a common task system administrators face when managing users and permissions on Linux servers environment. For the purposes of this tutorial we have tested all commands/steps on CentOS 7 and AlmaLinux 8 servers.

The sudo command allows users to run programs and access privileged directories but it can also allow the sudo user to login as root. This is a problem as there is no efficient activity logging for each sudo user, i.e. they can all run commands that show up as the ‘root’ user.

The first three steps in this tutorial will demonstrate how to create a user with root-equivalent privileges. Then we will show you how to disable the user from sudo-ing as root.

Step 1 – Create new user account

Create a new user account using the useradd command:

useradd johny

Now set the user ‘johny’ a password with the passwd command:

passwd johny

Once you hit enter, you will be prompted to confirm the password. Make sure you use a strong password.

Changing password for user johny.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Step 2 – Grant new user with sudo/root privileges

We are going to use the usermod command to add user ‘johny’ to the ‘wheel’ group. By default on RHEL/CentOS systems, members of the group ‘wheel’ are granted with sudo access.

usermod -aG wheel johny

At this point, user ‘johny’ has been added in wheel group without any restrictions. User johny can, at any time, run the command su root or sudo su to switch as the root user. If you want every user to run sudo-privileged commands under his/her own account (for logging purposes), then follow the last step below.

Step 3 – Modify Sudoers file

First, backup the /etc/sudoers config file as follows:

cp /etc/sudoers /root/sudoers.orig

Now, edit the sudoers config file as follows:

visudo

or

vi /etc/sudoers

Find this line:
%wheel ALL=(ALL) ALL

Replace it with:
%wheel ALL=(ALL:ALL) ALL, !/bin/su

Save the file and you are done!

Last Step – Verify

To verify if you have correctly disabled the sudo access to the user(s), login to your server as root and then switch to your user, let’s say johny

[root@netshop-server-demo ~]# su johny
[johny@netshop-demo-server root]$

Now, as user johny try to sudo as root in 2 ways:

[johny@netshop-server-demo root]$ sudo su
Sorry, user johny is not allowed to execute '/bin/su' as root on netshop-server-demo.

[johny@netshop-server-demo root]$ su root
Password:
su: Authentication failure
[johny@netshop-server-demo root]$

Hooray! You are done!

Press Releases
71

Free VPS Trial

No Credit Card Required.

Recent Posts

Navigating Forex Server Hosting: Key Distinctions from Conventional Providers

Navigating Forex Server Hosting: Key Distinctions from Conventional Providers

23 February, 2024

How to Install Nginx, MariaDB, PHP-FPM on AlmaLinux 9 Server (LEMP)

How to Install Nginx, MariaDB, PHP-FPM on AlmaLinux 9 Server (LEMP)

16 February, 2024

How To Reset Forgotten MySQL 5.7 Root Pass in Linux

How To Reset Forgotten MySQL 5.7 Root Pass in Linux

09 February, 2024

4 Things Web Developers Should Know about Virtual and Dedicated Server Hosting

4 Things Web Developers Should Know about Virtual and Dedicated Server Hosting

05 February, 2024

How to Install Docker Compose on Debian 12 Server

How to Install Docker Compose on Debian 12 Server

22 January, 2024

#letushostyou

Award Winning Hosting Provider established in 2004.

120 Faneromenis Avenue, Imperial Tower, 2nd Floor, Larnaca 6031, Cyprus

Products

Bare Metal Servers

Customized Servers

Virtual / Cloud Servers

Forex VPS

Storage VPS

cPanel Web Hosting

Reseller Web Hosting

Colocation

Addons

Premium DNS

Email Hosting

Cloud Backup

DDoS Protection

Licenses

SSL Certificates

Domain Names

Premium SLAs

About Us

Data Center Locations

Looking Glass

Our Company

Contact Us

Careers in Cyprus

Become a Partner

Awards

Certifications

© 2024 S.S. NetShop Internet Services Ltd. All rights reserved.  Terms & Conditions  |  Privacy Policy
CY Reg. Number: HE 217340 | EU VAT Number: CY10217340J

Visa
Mastercard
PayPal
Bitcoin
Tether
Ethereum
Litecoin
Wise
Revolut
Wire Transfer