Add/Remove users in/from the SUDO group
The SUDO ( Super-user do) is a program designed to allow users to execute commands with the security privileges of another user.
This section will guide you through the process of adding a new user and provide it super user access.
First SSH to your computer via tools like Putty or open terminal if you working in a GUI environment. Change to root, if not. If you have another user with
Create a new user account , if not done already.
adduser username
Provide all the information needed. This will create a home directory for the user "useradd USERNAME
If you want to specify the path of the home directory, use -d and specify the path: useradd -m -d /PATH/TO/FOLDER USERNAME
Note: You can then set the password with passwd USERNAME |
Before adding this user to a sudo group, let's see the impact executing sudo functions without enough privileges.
Clearly, you can see that the user "testuser" has been denied running commands with sudo permissions.
To add a user to the sudo group, you can use usermod command.
usermod -aG sudo usernameNow if you try to execute any command with the SUDO command beforehand for user "
We have now seen how to create a user with sudo privileges. If you want to remove any user from this sudo group, you can execute follwing commands as root privilege user.
gpasswd -d testuser sudo
How to Find Out Who Tried to Use Sudo Without Permission ?
When a user tries to run a sudo command and is not authorized to run sudo commands, the error message will be logged.
Within Debian the errors are sent to a file called /var/log/auth.log.
On systems such as Fedora and CentOS the errors are logged to /var/log/secure.
You can use follwing command to acces the log file
tail /var/log/auth.log | more
