How to create users and groups and add to the sudo group
I’m mainly a Windows administrator, but from time to time I administer the Linux environment. I use the Ubuntu distribution and in this article, I cover the long-term version of Ubuntu Server 20.04. Since I don’t use Linux often I struggle from time to time with permission. Therefore I decide to write down some important commands about creating users and groups with permission and the difference between root and a user with sudo rights. The sudo group is actually the Administrator group in the Linux universe.
Managing Users and Groups
Managing users and permissions can be a pain. Ubuntu servers, by default, allow one user to manage the entire system. When you install Ubuntu Server 20.04 you will be asked to create a user. This user will automatically be added to the sudoers files which means the user obtains the highest rights in short sudo. In addition, Ubuntu creates another user which is called root user.
Understanding Users and Groups
Managing permissions in Linux security comes down to understanding three key concepts, usernames, groups, and permissions. This article aims to demystify these concepts and help you understand how they work together to control access.
Understanding users is the first step in controlling access to your system. Each user can be assigned a unique username; this name will be used to identify that user on the system. This unique identifier is necessary as each person using a Linux server will need their own account and home directory.
Meet Charlie AI
The Best AI Content Creator
The Alternative to ChatGPT
A group can also be assigned to a user account. Groups add flexibility in the way you manage your users. While each user requires a unique username, you can add multiple users to a single group, allowing for easier management while still providing granular control over server tasks.
The final key part of controlling access is the concept of permissions. Linux uses a hierarchical system of permissions to control what activities each user can or cannot perform on a file, directory, or application.
In this article, you will add yourself as a user and add that user to a sudo group. You will also add users to existing groups. In a later article, I will cover the permissions
What is sudo and when to use the sudo
Ubuntu servers add the first created user to the sudo group, which means this user can add other users and add/edit/delete system files. All of these operations require great privileges like adding a new user or adding a new group to add future users, adding them to the administrative groups(admin), and configuring permissions for each Linux file or folder. A user should only be added to the sudoers file when a user needs administrator rights. The sudoers file is like the Administration group in Windows. All major tasks like adding users and adding groups can be done with root privileges by default or install/updated programs.
Creating users and groups
Create a new user
There are two commands to add a user ‘useradd’ or ‘adduser’. At first, this can be a little confusing since both commands accomplish the same thing (in different ways) and are named similarly. I prefer the command ‘adduser’ since it creates the password for the user and the home folder with additional questions. ‘useradd” only adds the user to the system, and you would need to assign a password later.
sudo adduser edy
Remove a user
You should ask yourself one fundamental question before removing an account. Is it still necessary for you to access the user’s files?
By default this command won’t delete the user home directory or any files in it.
sudo userdel edy
Remove the home directory of the user with all contents.
sudo rm -r /home/edy
Create a new group
sudo groupadd admins
On the Ubuntu Server platform, you’ll likely see that each of your user accounts is a member of a group with the same name as your username. The moment you create a user account, you are also creating a group with the same name.
In this picture you see the home folder ‘edy’ (red), user permission (violet) and the automated created group ‘edy’ (green)
Add user to a group
sudo usermod -aG admins edy
The option -‘a’ means to append the user edy to the group. If you would not use ‘a’, all other existing memberships in the group would be removed. ‘G’ means to add the user to the secondary group. It adds the user to an additional group and won’t replace the primary group. To replace the user’s primary group, you would use ‘g’ lowercase instead of uppercase ‘G’
Remove a user from a group
gpasswd -d edy admins
This command will remove user ‘edy’ from the group ‘admins
What’s the difference between a primary group and a secondary group
The Primary Group is a group that is automatically created while creating a user. Similarly, a group with the same ID as the user is created and the user is added to the group as the only member. This group is referred to as the primary group. We can create a secondary group independently by using commands, and we can then add users to it by changing the group IDs of those users.
Delete a group
sudo groupdel admins
How to check all groups in the system? There is a group file in /etc
In the file you see all groups. You also notice that groups are named after user name.
This command will change user to ‘edy’
If you only enter
This will switch the user to ‘root’.
Upon installation of Ubuntu 20.04, Ubuntu won’t create the user ‘root’. You need to create first a password for the user ‘root’. After that, you will be able to switch to the ‘root’ user. Ubuntu recommends not using the user ‘root’. You add any other user to the sudo group. Remember that Ubuntu added automatically the user you created during the installation process to the sudo group
Set password for user ‘root’
You can set a ‘root’ password with any user who has sudo right. Once the ‘root’ password is set, you are able to switch to the ‘root’ user
Switching back from the ‘root’ user to your normal account, just type
Add a user to sudo group
sudo usermod -aG sudo edy
This will add the user ‘edy’ to the sudo group
Look up the group membership of the user ‘edy’
Change password for a user
sudo passwd edy
Want to build a VMware ESXi homelab?
If you’re struggling with managing Users and Groups in Linux, I hope the information provided here will help. It’s important to add yourself as a user and add that user to a sudo group for future use if needed. You also need to add users to existing groups so they can have access to certain files or directories on your system. When adding new members, be sure not to give them too much power over your server by assigning them root privileges unless absolutely necessary.
Check out my other articles about Linux
Any purchases made from clicks on links to products on this page may result in an affiliate commission for me.
Please keep in mind that the quantity or price of items can change at any time.
As an Amazon Associate, I earn from qualifying purchases.
As an Aliexpress Associate, I earn from qualifying purchases.
Als Amazon-Partner verdiene ich an qualifizierten Verkäufen