Adding and Deleting the users on Ubuntu Cloud
One of the basic tasks that you need to know on a Linux server is adding and deleting the users. While creating a new system, you will be given only the root account as a default. While running as the root user you will be offered with good power and at the same time, it is harmful. Always it is a good plan to add an additional, unprivileged user to perform the common tasks. You need to create additional accounts for the other users who will be on your system. Each and every user must have a unique account.
Still, you will be able to acquire administrator privileges when you required them with the help of a mechanism called sudo. In this article, you will come to know how to create the user accounts, assign sudo privileges, and delete users.
1) Adding the User
If in case you are been signed as the root user, you will be able to create a new user at any time by typing the below query:
If in case you are signed in as a non-root user who has been provided with sudo privileges, as explained at the beginning of the server setup guide, you will be able to add a new user by typing the below query:
sudo adduser newuser
Now your new user will be ready to use and you will be able to log in using the password you have set up.
2) Granting the User Sudo Privileges
If you are the new user you should have the capability to execute commands with the root privileges, and also you have to provide the new user access to sudo. As an example, you will have 2 approaches to this problem: Adding the user to a pre-defined sudo user group and specifying the privileges on a per-user basis in the sudo's configuration.
Adding the New User to the Sudo Group
As an default, sudo on Ubuntu Cloud Server systems is been configured to extend the full privileges to the users in the sudo group.
You will be able to see in which groups the new user is in with the groups command:
newuser : newuser
As a default, the new user will only be in their own group, which was created at the time of creating an account, and also shares the name with the user. To add the user to a new group, you can make use of the usermod command:
usermod -aG sudo newuser
The -aG option here explains usermod to include the user into the listed groups.
Testing the User's Sudo Privileges
Now, the new user will be able to execute commands with the help of administrative privilege
While signing in as the new user, you will be able to execute commands as the regular user by typing the below commands:
You can also execute the same command with the administrative privileges by typing the sudo ahead of the command as mentioned below:
You will be requested to enter the password of the regular user account for which you are signed in.
Specifying the Explicit User Privileges in /etc/sudoers
As an alternative to put the user in the sudo group, you can also take the help of visudo command, which will open with a configuration file called as /etc/sudoers in the system's default editor, and explicitly specifies the privileges on a per-user basis.
Making use of the visudo is one of the recommended methods to alter the /etc/sudoers, as it locks the files against the multiple simultaneous edits and performs a sanity check on the contents before it starts to overwrite on the file. This will help in preventing the situation where you will be misconfigured the sudo and it is been prevented from fixing the problem as you would have lost the privileges of sudo.
If in case you are signed in as root, type the below query:
If incase you are signed in using a non-root user with the sudo privileges, type the below query:
Mostly, visudo opened /etc/sudoers in the vi editor can be confusing for the new users. As a default on the new Ubuntu installations, it has to instead use nano, which offers much of familiar text editing experience. Use can use the arrow keys to move the cursor, and you need to look for the line mentioned below:
root ALL=(ALL:ALL) ALL
In the below line, you need to copy the format you see and need to change only the word "root" to the reference to the new user that you are interested to give sudo privileges to:
root ALL=(ALL:ALL) ALL
newuser ALL=(ALL:ALL) ALL
You need to add a new line for each and every user that should be given full sudo privileges. When you are completed, you need to save and close the file by clicking on Ctrl-X, along with Y, and then Enter to confirm.
3) Deleting an User
When you no longer required the user, it is good to delete the old account.
You will be able to delete the user by yourself, without deleting any of other files, by typing the below query as a root:
If in case you have signed in as different non-root user with sudo privileges, you could need to type:
sudo deluser newuser
If in case, you need to delete the user's home directory while the user is being deleted, you can mention the below command as a root:
deluser --remove-home newuser
If in case you're running as a non-root user with the sudo privileges, you need to type:
sudo deluser --remove-home newuser
If you have already configured sudo privileges for the user you have been deleted, you need to remove the relevant line again by typing the below query:
Or you can use this if in case you are a non-root user with the sudo privileges:
root ALL=(ALL:ALL) ALL
newuser ALL=(ALL:ALL) ALL # DELETE THIS LINE
This will help the new user created with the similar name from being mistakenly provided sudo privileges.