How To Add User to Sudoers & Add User to Sudo Group on CentOS 7

The sudo command stands for “Super User DO” and temporarily elevates the privileges of a regular user for administrative tasks. The sudo command in CentOS provides a workaround by allowing a user to elevate their privileges for a single task temporarily.

This guide will walk you through the steps to add a user to sudoers in CentOS.

If you’re working on a local machine, log in to the system with administrator credentials.

If you’re connecting to a remote machine (over a network), open a terminal window and enter the command:

ssh root@server_ip_address

The server_ip_address is the network IP address of the server you’re logging into. Enter your credentials when prompted.

To add a new sudo user, open the terminal window and enter the command:

adduser UserName

Use the actual username for your new user in place of UserName.

Next, create a password for the new user by entering the following in your terminal window:

passwd UserName

The system should display a prompt in which you can set and confirm a password for your new user account. If successful, the system should respond with “all authentication tokens updated successfully.”

By default, CentOS 7 has a user group called the “wheel” group. Members of the wheel group are automatically granted sudo privileges. Adding a user to this group is a quick and easy way to grant sudo privileges to a user.

Your CentOS 7 installation may or may not have the wheel group enabled.

Open the configuration file by entering the command:

visudo

Scroll through the configuration file until you see the following entry:

## Allows people in group wheel to run all commands

# %wheel        ALL=(ALL)       ALL

If the second line begins with the # sign, it has been disabled and marked as a comment. Just delete the # sign at the beginning of the second line so it looks like the following:

%wheel        ALL=(ALL)       ALL

Then save the file and exit the editor.

To add a user to the wheel group, use the command:

usermod –aG wheel UserName

As usual, replace UserName with the name of the user receiving sudo privileges.

Switch to the new (or newly-elevated) user account with the su (substitute user) command:

su - UserName

Enter the password if prompted. The terminal prompt should change to include the UserName.

Enter the following command to list the contents of the /root directory:

sudo ls -la /root

The terminal should request the password for UserName. Enter it, and you should see a display of the list of directories. Since listing the contents of /root requires sudo privileges, this works as a quick way to prove that UserName can use the sudo command.

If there’s a problem with the wheel group, or administrative policy prevents you from creating or modifying groups, you can add a user directly to the sudoers configuration file to grant sudo privileges.

In the terminal, run the following command:

visudo

This will open the /etc/sudoers file in a text editor.

Scroll down to find the following section:

## Allow root to run any commands anywhere

root ALL=(ALL) ALL

Right after this entry, add the following text:

UserName ALL=(ALL) ALL

Replace UserName with the username you created in Step 2. This section should look like the following:

## Allow root to run any commands anywhere

root ALL=(ALL) ALL

UserName ALL=(ALL) ALL

Save the file and exit.

Switch user accounts with the su (substitute user) command:

su — UserName

Enter the password for the account, if prompted. The terminal prompt should change to include UserName.

List the contents of the /root directory:

sudo ls —la /root

Enter the password for this user when prompted. The terminal should display a list of all the directories in the /root directory.

This guide showed you how to add a user to sudoers in CentOS or modify privileges of an existing sudo user.

The sudo command is critical for running advanced and administrative tasks on a Linux system. While this could be done using a root user (or administrator account) using the su command, system administrators advise against operating permanently in a root account. Not only can it be a security risk, but it can also allow changes to a Linux system that can break functionality.