Introduction
The sudo
command is the preferred means to handle elevated permissions. In supported versions of Ubuntu, using the sudo
command will grant elevated permissions for 15 minutes.
Standard user accounts are restricted from performing sensitive tasks, such as viewing the contents of the /root directory. This prevents the accidental use of commands with massive consequences. It also makes it more difficult for intruders to compromise a system. However, sometimes you need to run an administrative command. Sudo – or Super User Do – grants you privileges to run sensitive tasks.
This simple tutorial will show you how to add a new user on Ubuntu and provide sudo access.
Prerequisites
- A system running a supported version of Ubuntu
- Access to a root user account or another account with sudo privileges
- Access to a terminal window/command line (Ctrl–Alt–T)
Steps to Add Sudo User on Ubuntu
Step 1: Create New User
1. Log into the system with a root user or an account with sudo privileges.
2. Open a terminal window and add a new user with the command:
adduser newuser
The adduser
command creates a new user, plus a group and home directory for that user.
You may get an error message that you have insufficient privileges. (This typically only happens for non-root users.) Get around it by entering:
sudo adduser newuser
3. You can replace newuser
with any username you wish. The system will add the new user; then prompt you to enter a password. Enter a great secure password, then retype it to confirm.
4. The system will prompt you to enter additional information about the user. This includes a name, phone numbers, etc. – these fields are optional, and can be skipped by pressing Enter.
Step 2: Add User to Sudo Group
Most Linux systems, including Ubuntu, have a user group for sudo users. To grant the new user elevated privileges, add them to the sudo group.
In a terminal, enter the command:
usermod -aG sudo newuser
Replace newuser
with the username that you entered in Step 1.
Again, if you get an error, run the command with sudo as follows:
sudo usermod -aG sudo newuser
The -aG
option tells the system to append the user to the specified group. (The -a
option is only used with G
.)
Note: Usermod command is a useful tool for user management. To learn more about its options, refer to our guide How To Use The Usermod Command In Linux.
Step 3: Verify User Belongs to Sudo Group
Enter the following to view the groups a user belongs to:
groups newuser
The system will respond by listing the username and all groups it belongs to, for example: newuser : newuser sudo
Step 4: Verify Sudo Access
Switch users by entering:
su - newuser
Replace newuser
with the username you entered in Step 1. Enter your password when prompted. You can run commands as normal, just by typing them.
For example:
ls /home
However, some commands or locations require elevated privileges. If you try to list the contents of the /root directory, you’ll get an access denied error: ls /root
The command can be executed with:
sudo ls /root
The system will prompt for your password. Use the same password you set in Step 1. You should now see the contents of the /root directory.
Conclusion
Now you know how to add and create a user with sudo privileges on Ubuntu.
Before sudo, users would log in to their systems with full permissions over the entire system with the su command. This was risky as users could be exploited by tricking them into entering malicious commands. These vulnerabilities were solved by limiting account privileges. However, administrators still had to log out of their account and into an admin account to perform routine tasks.
The sudo
command in Ubuntu strikes a balance – protecting user accounts from malicious or inadvertent damage while allowing a privileged user to run administrative tasks. To learn more about the difference between these commands, check out Sudo vs. Su.