How can I add a new user as sudoer using the command line?
After I add a user using
adduser, I can't see it via System > Administration > Users and Groups unless I log out and then log in again. Is that normal?
Also, can I set a newly added user as a
sudoer or do I have to change that only after adding it? How can I do that via the shell?
Finally, can I delete the original user that was created upon initial installation of Ubuntu, or is this user somehow 'special'?
sudo adduser <username> sudo
The change will take effect the next time the user logs in.
This works because
/etc/sudoersis pre-configured to grant permissions to all members of this group (You should not have to make any changes to this):
# Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL
As long as you have access to a user that is in the same groups as your "original" user, you can delete the old one.
Realistically, there are also other groups your new user should be a member of. If you set the Account type of a user to Administrator in Users Settings, it will be placed in at least all of these groups:
adm sudo lpadmin sambashare
Because your system configuration may vary, I suggest taking a look at the output of
groups <username>to see what groups are normally in use.
Thanks, but if I add my user to `admin` I can later add myself to any other groups as well, right?
Anybody who has root privileges can add himself to any group. If you give someone full sudo privileges, that is what you get, does not matter if as user or as member of admin. If you want to give less privileges, you need to specify this in the sudoer file
There exists admin group in Ubuntu 12.04.02 LTS. And adding the user in that adm group in file /etc/group will help.
The question is about an existing user, but if it was for a new user *"sudo adduser sudo"* would have to be preceded by *"sudo adduser "*. Otherwise one get the error message "The user does not exist".
if you can't run sudo because of sudoer, you should boot under recovery mode and run this command.
Is username a new user you're creating or an existing user that is somewhere that exists already?
@H2ONaCl I believe you are correct, as looking at my local machine (Ubuntu 16), I have a sudo, but not root group, which makes sense.
sudo usermod -a -G sudo <username>
as recommended here.
For an existing user, this is the correct solution. It should be marked as the answer.
Do not forget `-a` flag or you will remove user from all groups except `sudo`
@RousseauAlexandre absolutely! most important, especially if you are trying to add yourself to a non-sudo group and you're the only one on the machine with sudo privileges... `without -a you just removed yourself from the sudo group!`
Open the sudoers file:
sudo visudowill open the
/etc/sudoersfile in the editor defined in
$EDITOR(probably GNU nano - set the variable if it's not what you want, eg
export EDITOR="nano"and try
Add the below line to the end of the file.
username ALL=(ALL) ALL # Change the user name before you issue the commands
Then perform WriteOut with Ctrl + O. The editor will ask you for the file name to write into. The default will be a temporary file that's used by
visudoto check for syntax errors before saving to the actual
sudoersfile. Press Enter to accept it. Quit the nano editor with Ctrl + X.
It would be inadvisable to explicitly add a single user to the sudoers file instead of simply adding that user to the appropriate group `sudo`.
with sudo visudo you can output to /etc/sudoers.tmp, when leaving the editor it will overwrite /etc/sudoers by itself
The other solutions work great for OSs with a built in `sudo` group, but for the occasional system without a dedicated `sudo` group, this solution works. The only recommendation I have is you may want to avoid putting `sudo` itself inside the procedure, as it may not be setup yet! Easy to workaround by doing `su -` and then simply `visudio`. This works on Gentoo.
One thing I have to add that I'm sure a lot of people don't understand:
Once you have already done a
adduser "username", you can still come back and do a
adduser "username" sudo, and it will then add that user to the group properly.
It actually won't work the first time around like
sudo adduser username sudo. It will give you an error. Which in summary means you must first make the user account before you can add them to a group.
All members of the group
admin, are in Ubuntu by default allowed to use sudo, so the easiest way is to add the user account to the
If you do not want to give the user account full root access, you need to edit the /etc/sudoer file with visudo (it makes sure that you do not have any syntax errors in the file and lose sudo capability altogether) in a way that you specify what commands this user (or a new group) can execute as root.
The sudoer manual will give you more information about this. You can specify which commands are permitted by a particular user/group to be executed as root.
The following snippet grants root access to username without explicitly logging in as root.
Make sure that the user is added to sudo group first. Tested on Ubuntu 16.04.1 LTS.
sudo adduser username sudo sudo sh -c "echo 'username ALL=NOPASSWD: ALL' >> /etc/sudoers"