DTT

How To Create a Sudo / Root User on CentOS 7

Published: October 14, 2017 (Updated: Oct 14, 2017)
#CentOS #Sudo #Bash

Enjoying this content? Subscribe to the Channel!

CentOS 7 Mastery: Create Secure Users and Enable Sudo Access with the Wheel Group

Introduction: Why You Need a Dedicated Sudo User

Welcome back to Darren’s Tech Tutorials!

If you’re managing a CentOS or RHEL server, the most fundamental rule of security is simple: Never use the root user for daily tasks. Running constantly as root is dangerous; one misplaced command can permanently damage your system.

The best practice is to create a standard, unprivileged user account and then grant that user the ability to temporarily elevate their privileges using the sudo command (short for “super user do”).

On CentOS 7, the easiest and safest way to grant this access is by adding the new user to the special wheel group. This comprehensive guide will walk you through the entire process, step-by-step!

Prerequisites

To follow along with this tutorial, you only need one thing:

  • Access to your CentOS 7 server, logged in either as the root user or a user who already has sudo privileges.

Step 1: Creating the New User Account

The first step is straightforward: using the adduser command to create a standard account. Remember to replace [your_new_username] with the actual username you want to use.

# Creates the user and automatically creates a home directory
adduser [your_new_username]

Example: If you wanted to create a user named darren, the command would be adduser darren.

Step 2: Assigning a Secure Password

A user without a password is a vulnerability waiting to happen. Immediately after creating the account, you must set a strong, secure password using the passwd command.

# Sets the password for the new user
passwd [your_new_username]

When you run this command, the system will prompt you twice to enter the new password. Ensure it’s complex and unique!

Step 3: Granting Sudo Power via the Wheel Group

This is the most critical step. On CentOS (and other Red Hat-based distributions), the wheel group is pre-configured to be the list of users allowed to execute commands using sudo.

We use the usermod command to modify the user account and add them to the wheel group.

Understanding the Command Flags

  • -a: This stands for “append.” It ensures we add the new group rather than replacing all existing groups the user belongs to.
  • -G: This stands for “groups.” It specifies the group name we want to add the user to.

Execute the following command to add your new user to the wheel group:

# Add the new user to the wheel group
usermod -aG wheel [your_new_username]

Once this command executes successfully, your new user now has the ability to run administrative commands.

Technical Note: If you want to check which groups a user belongs to, you can use the groups [your_new_username] command. You should see wheel listed!

Step 4: Testing Your New Sudo Access

It’s time to verify that the setup worked correctly. We need to switch user context to the new account.

4a. Switching Users

Use the su - command to switch to the new user. The hyphen (-) ensures you get a full login shell, including loading the new user’s environment variables.

# Switch to the new user context
su - [your_new_username]

4b. Running a Sudo Test Command

Now that you are logged in as the new user, try running a command that requires elevated privileges. A common test is listing the contents of the root directory (/), which typically requires sudo access if you want to see all protected files.

# Use sudo to run a command that requires root access
sudo ls /

The first time you use sudo with a new user account, you will be prompted to enter that user’s own password (the one you set in Step 2).

If you see the directory listing, congratulations! Your new user is set up securely and has full administrative capabilities when needed, without having to log in as root.

Conclusion

Creating a dedicated user and properly configuring sudo access via the wheel group is a foundational skill for managing any Linux server. You’ve just made your CentOS 7 system significantly more secure and much easier to manage!

Ready to put this knowledge to the test? Log into your server right now and create a new account using these steps.

If this guide helped you secure your CentOS environment, don’t forget to like this blog post and subscribe to Darren’s Tech Tutorials on YouTube for more clear, actionable technology guides just like this one. Happy administering!