DTT

How to add a root user on CentOS 8

Published: April 5, 2021 (Updated: Apr 5, 2021)
#CentOS #Sudo #Linux

Enjoying this content? Subscribe to the Channel!

Mastering User Management: How to Add a New User and Grant Sudo (Root) Privileges on CentOS 8/7

Hello tech enthusiasts, and welcome back to Darren’s Tech Tutorials!

If you are running a CentOS server, you know that security is paramount. While it might be tempting to always log in as the default root user, this is a major security risk. The best practice is to create a standard user account and then grant that account the necessary administrative powers using sudo.

On CentOS systems (including both CentOS 8 and CentOS 7), we achieve this by adding the new user to the special wheel group. This group is pre-configured to allow its members to execute commands with root privileges.

Ready to jump in and secure your server? Here is the complete, step-by-step guide on how to add a new user and properly grant them administrative (sudo) access.

Prerequisites: Getting Started

Before we begin, you must be logged in as the root user or a user who already has sudo privileges. All commands will be run from your server’s command line interface (CLI).

Step 1: Creating the New User Account

The first step is straightforward: we use the useradd command to create the new account. In this example, we will use the username darrenadmin, but you should replace that with your desired username.

useradd darrenadmin

This command creates the user home directory (/home/darrenadmin) and sets up the necessary system files for the new account.

Step 2: Setting a Strong Password

A user account is useless without a password, and a weak password is a severe vulnerability. We use the passwd command immediately after creation to set a secure password for the new user.

passwd darrenadmin

The system will prompt you twice to enter the new password. Ensure you choose a complex password that mixes uppercase letters, lowercase letters, numbers, and symbols.

Step 3: Granting Root Power: Adding the User to the wheel Group

This is the most critical step. To allow darrenadmin to use the sudo command (which stands for “Super User Do”), we must add them to the wheel group.

We use the usermod command for modifying user accounts:

usermod -aG wheel darrenadmin

Let’s quickly break down the flags used in this command:

  • -a: This means “Append.” It ensures that the user is added to the specified group without removing them from any other groups they might belong to.
  • -G: This specifies the Group (or list of groups) that the user should be added to. In our case, that’s wheel.

Once this command executes successfully, darrenadmin has full administrative access!

Technical Note: On CentOS, the wheel group is configured in the /etc/sudoers file to allow “NOPASSWD” or password-protected root access. By default, members of the wheel group must enter their password when using sudo.

Step 4: Testing Your New Sudo Access

It’s always essential to confirm that your new user configuration works exactly as expected before logging out of your original session.

A. Switch to the New User

Use the su command to switch your shell session to the newly created user.

su - darrenadmin

B. Test the sudo command

Now that you are logged in as darrenadmin, try running a command that requires root privileges, such as listing the contents of the root user’s home directory:

sudo ls /root

When you execute this command, you will be prompted to enter the password for darrenadmin (the password you set in Step 2).

If the command executes and shows you the directory listing, congratulations—your new user has successfully been granted sudo privileges!

Conclusion and Next Steps

By following these four simple steps, you have successfully added a new, standard user account and granted it secure, controlled administrative access through the wheel group. This is a foundational step in securing any Linux server environment and adheres to the best practices that all system administrators should follow.

You can now log out of your root user account and handle all future administrative tasks using your newly created user with the sudo command.

If this tutorial helped you get your user management sorted out, please give this post a big thumbs up! Don’t forget to Subscribe to Darren’s Tech Tutorials on YouTube for more clear, actionable guides to mastering your technology. We’ll see you in the next tutorial!