We already have shown you how to create a new sudo user, grant sudo permissions to existing users and revoke the sudo privileges from an user in Alpine Linux, CentOS and Ubuntu operating systems. In this guide, we will see how to add, delete and grant sudo privileges to users in Arch Linux and its variants.
Table of Contents
Add, Delete And Grant Sudo Privileges To Users In Arch Linux
Log in as root
user or any other existing sudo
user. If it is a newly installed system, you shouldn't have any users except the root
user. Mine is newly installed Arch system, so I logged in as root
user.
Make sure you've installed sudo
package by running the following commands as root
user:
# pacman -Syu # pacman -S sudo
The first command will sync the repositories and update your Arch Linux system to latest available version. And the second command will install sudo
if it is not already installed.
Next, create a new user and add sudo privileges to that user in Arch Linux.
1. Create a sudo user in Arch Linux
Run the following command to create a new user, for example ostechnix:
# useradd --create-home ostechnix
Set password to the new user:
# passwd ostechnix
We have created a new user named ostechnix. We haven't granted the sudo
privilege to the user yet. You can verify if the user is sudo user or not using command:
# sudo -lU ostechnix
Sample output:
User ostechnix is not allowed to run sudo on archlinux.
Yes, the user is not yet allowed to perform administrative tasks. Let us go ahead and grant him the sudo
permissions.
To add a normal user to sudoers
list in Arch Linux, simply add him/her to the wheel
group. For those wondering, the wheel
is a special group in some Unix-like operating systems. All the members of wheel
group are allowed to perform administrative tasks. Wheel group is similar to sudo
group in Debian-based systems.
We can add users to sudoers list in two ways. The first method is using chmod
command.
1.1. Add users to sudoers list using usermod
command in Arch Linux
To add an user to sudoers ist in Arch Linux, run:
# usermod -aG wheel ostechnix
Or,
# usermod --append --groups wheel ostechnix
The above command will add the user called ostechnix to "wheel" group. As stated already, the members of wheel group can perform administrative tasks using sudo
command.
Next, edit /etc/sudoers
file using command:
# visudo
Find and uncomment the following line (just remove the #
symbol at the beginning of the line):
%wheel ALL=(ALL) ALL
Hit ESC
key and type :wq
to save the file and exit.
You can also add the user to sudo
group to allow it's members to run any command.
# usermod -aG sudo ostechnix
Edit /etc/sudoers
file:
# visudo
Uncomment the following line:
%sudo ALL=(ALL) ALL
Save the file and exit.
We have added the user ostechnix to sudoers list. Now skip to the "1.3. Check if an user has sudo access in Arch Linux" section and check if the user has sudo
permissions.
1.2. Add users to sudoers list by editing sudoers configuration file in Arch Linux
The another way to assign sudo
permission to an user in Linux is by manually adding him to the /etc/sudoers
file as shown below.
Edit /etc/sudoers
file:
# visudo
This will open /etc/sudoers
file in your Vi editor or whatever you have in your $PATH
. Scroll down until you find following entry:
root ALL=(ALL) ALL
Right after the above entry, add the following line:
ostechnix ALL=(ALL) ALL
Replace "ostechnix" with your own username. Save the file and exit. Here, the line ALL=(ALL) ALL
refers the user "ostechnix" can run any commands on any host.
1.3. Check if an user has sudo access in Arch Linux
To check if an user has sudo permissions, run:
# sudo -lU ostechnix
Sample output:
User ostechnix may run the following commands on archlinux: (ALL) ALL
Well, the user "ostechnix" has sudo permissions.
Let us perform some administrative tasks with this user to verify if he really has sudo rights. Log out and log back in as the ostechnix user. Alternatively, you can run the following command to immediately switch to the ostechnix user:
# su - ostechnix
Well, we switched to the ostechnix user. Now try to run any administrative operations.
$ sudo pacman -Syu
Sample output:
It works! The user ostechnix can able to perform administrative tasks.
2. Delete sudo privileges from an user in Arch Linux
We can take away the sudo privileges from an user without actually having to delete the user.
First, log out from the user and log back in as root
or another sudo
user. Next, delete sudo privileges from an user by simply removing him/her from the wheel
group using the following command in Arch Linux:
# gpasswd -d ostechnix wheel
If you have added the user to sudo
group, you need to remove him/her from that group too.
# gpasswd -d ostechnix sudo
That's it. The user is not in the sudoers list anymore, so he can't run any administrative tasks.
You can verify it using command:
# sudo -lU ostechnix
If you don't want that user anymore, remove him entirely from the system using this command:
# userdel -r ostechnix
Here, -r
flag is used to delete the $HOME
directory of the user.
For more details, refer the respective command's man page:
$ man sudo
$ man useradd
$ man usermod
$ man gpasswd
$ man userdel
That's all for now. In this guide, you learned how to create a sudo user, and how to grant sudo privileges to existing users and finally how to remove the sudo privileges from an user in Arch Linux. It is always recommended to use a sudo user for administrative tasks. Please avoid using root
user for server administrative operations.