and removing users on a Linux system is one of the most important system administration tasks you should become familiar with. When you create a new system, you are often only given access to the root account by default.
While running as root gives you complete control over a system and its users, it is also dangerous and possibly destructive. For common system administration tasks, it’s a better idea to add an unprivileged user and perform those tasks without root privileges. You can also create additional unprivileged accounts for any other users you may have on your system. Each user of a system must have their own separate account.
For tasks that require administrator privileges, there is a tool installed on Ubuntu systems called sudo. Briefly, sudo allows you to run a command as another user, including users with administrative privileges. In this guide, you will learn how to create user accounts, assign sudo privileges, and delete users.
complete this tutorial, you will need access to a server running Ubuntu 18.04. Make sure that you have root access to the server and firewall enabled. To set this up, follow our Initial Server Setup Guide for Ubuntu 18.04.
a user If you are logged in as root, you can create a new user at any time by running the following: adduser newuser
If you are logged in as a non-root user who has been granted sudo privileges, you can add a new user with the following command:
- sudo adduser newuser Either
way, you will be asked to answer a series of questions:
- Assign and confirm a password for
- Enter any additional information about the new user. This is optional and can be omitted by pressing ENTER if you do not want to use these fields.
- Finally, you will be asked to confirm that the information you provided was correct. Press Y to continue.
the new user.
Your new user
is now ready for use and you can log in with the password you entered
you need the new user to have administrative privileges, continue to the next section
User Privileges If your new user must
have the ability to execute commands with root (administrative) privileges, you must grant the new user access to sudo. Let’s examine two approaches to this task: first, adding the user to a predefined sudo user group, and second, specifying per-user privileges in the sudo settings.
Add the new user to
group By default, sudo on
Ubuntu 18.04 systems is configured to extend full privileges to any user in the sudo group.
You can see which groups your
new user is in with the groups command: groups newuser Outputnewuser : newuser By default, a new user is only in their own group because
creates it in addition to the user profile. A user and their own group share the same name. To add the user to a new group, you can use
the usermod command: usermod -aG sudo
The -aG option tells usermod to add the user to the listed groups
Note that the usermod command itself requires sudo privileges. This means that you can only add users to the sudo group if you are logged in as root or as another user who has already been added as a member of the sudo group. In the latter case, you will have to precede
this command with sudo, as in this example: sudo
- usermod -aG sudo newuser
Specifying explicit user privileges in /etc/sudoers As an alternative to putting your user in the sudo group, you can use the visudo command, which opens a configuration file called /
the system’s default editor. and explicitly specify per-user privileges.
Using visudo is the only recommended way to make changes to /etc/sudoers because it locks the file against multiple simultaneous edits and performs a validation check of its contents before overwriting the file. This helps avoid a situation where you misconfigure sudo and you can’t fix the problem because you’ve lost sudo privileges.
If you are currently logged in as root, run the following: visudo
If you are logged in as a non-root user with sudo privileges, run the same command with the prefix
sudo: sudo visudo Traditionally,
in the vi editor, which can be confusing for inexperienced users. By default on new Ubuntu installations, visudo will use the nano text editor, which provides a more convenient and accessible text editing experience. Use the arrow keys to move the cursor and locate the line that says
the following: root ALL=(ALL:ALL) ALL
Below this line, add the following highlighted line. Be sure to change newuser to the name of the user profile to which you want to grant privileges
sudo: root ALL=(ALL:ALL) ALL newuser ALL=(ALL:ALL) ALL
Add a new line like this for each user who should be granted full sudo privileges. When you’re done, save and close the file by pressing CTRL+X, followed by Y, and then ENTER to confirm.
sudo privileges The new user can now run commands with administrative privileges. When you log in as the
new user, you can run commands like your normal user by typing commands as usual
You can run the same command with administrative privileges by typing sudo in front of the command:
- sudo some_command
When you do this, you will be asked to enter the password of the normal user account with which you have logged in.
In the event that you no longer need a user, it is better to delete the old account.
You can delete the user himself, without deleting any of his files, by running the following command as root: deluser newuser If you are logged in as
another non-root user with sudo privileges, you must use the following: sudo
- deluser newuser
Yes, instead, you
want to delete the user’s home directory When the user is deleted, you can issue the following command as root: deluser -remove-home newuser If you are running this as a non-root user with sudo privileges, you
would run the same command with the sudo prefix:
- sudo deluser -remove-home
If you previously set sudo privileges for the user you deleted, you may want to delete the relevant line again
Or use the following command if you are
a non-root user with sudo privileges: sudo
root ALL=(ALL:ALL) ALL newuser ALL=(ALL:ALL) ALL # DELETE THIS LINE This
will prevent a new user created with the same name from accidentally receiving sudo privileges.
You should now have a good handle on how to add and remove users from your Ubuntu 18.04 system. Effective user management will allow you to separate users and give them only the access that is required of them to do their jobs.
For more information on how to set up sudo, see our guide on how to edit the sudoers file.