πŸ‘₯ Add, remove and grant sudo rights to Arch Linux users

We have already shown you how to create a new sudo user, grant sudo permissions to existing users, and revoke sudo privileges from a user on CentOS and Ubuntu operating systems.

In this tutorial, we’ll look at how to add, remove, and grant sudo rights to users on Arch Linux and its variants.

How to add, remove and grant sudo rights to users on Arch Linux

Make sure you have installed the sudo package by running the following commands as root:

# pacman -Syu
# pacman -S sudo

The first command will sync the repositories and update your Arch Linux system to the latest version available. The second command will install sudo if not already installed. Then create a new user and add sudo rights to it.

1. Create a sudo user on Arch Linux.

Run the following command to create a new user, for example itsecforu:

# useradd --create-home itsecforu

Set a password for the new user:

# passwd itsecforu

We have created a new user named itsecforu.

We haven’t given the user sudo rights yet.

You can check if a user is a sudo user or not using the command:

# sudo -lU itsecforu

Output example:

User itsecforu is not allowed to run sudo on archlinux.

Yes, the user is not yet allowed to perform administrative tasks.

Let’s go ahead and give it sudo rights.

To add a regular user to the sudoers list, simply add him to the wheel group.

For those of you curious, wheel is a special group on some Unix-like operating systems.

All members to this group are allowed to perform administrative tasks.

The Wheel group is similar to the sudo group on Debian based systems.

We can add users to the sudoers list in two ways.

The first way is to use the usermod command.

1.1. Add users to the sudoers list using the usermod command on Arch Linux

To add a user to the sudoers list on Arch Linux, run:

# usermod -aG wheel itsecforu

or

# usermod --append --groups wheel itsecforu

The above command will add a user named itsecforu to the “wheel” group.

As mentioned, members of the wheel group can perform administrative tasks using the sudo command.

Then edit the / etc / sudoers file with the command:

# visudo

Find and uncomment the following line (just remove the # at the beginning of the line):

 %wheel ALL=(ALL) ALL

Press ESC and type: wq to save the file and exit.

You can also add the user to the sudo group:

# usermod -aG sudo itsecforu

Edit the / etc / sudoers file:

# visudo

Uncomment the following line:

 %sudo ALL=(ALL) ALL

Save the file and exit.

We have added the user itsecforu to the sudoers list.

Now go to section β€œ1.3. Let’s check if the user has sudo access on Arch Linux ”and check if the user has sudo rights.

1.2. Add users to the sudoers list by editing the sudoers config file on Arch Linux

Another way to assign sudo permissions to a Linux user is to manually add it to the / etc / sudoers file as shown below. Edit the / etc / sudoers file:

# visudo

The system will open the / etc / sudoers file in your Vi editor or whatever you have in your $ PATH. Scroll down until you find the following entry:

root    ALL=(ALL)       ALL

Add the following line immediately after the above entry:

itsecforu ALL=(ALL)       ALL

Replace “itsecforu” with your username. Save the file and exit. Here the line ALL = (ALL) ALL indicates that the user “ostechnix” can run any command on any host.

1.3. Check if the user has sudo access on Arch Linux

To check if the user has sudo rights, run:

# sudo -lU itsecforu

Output example:

User itsecforu may run the following commands on archlinux:
    (ALL) ALL

The user β€œitsecforu” now has sudo rights.

Let’s do some administrative tasks with this user to check if they really have sudo rights.

Log out and log back in as user itsecforu.

Alternatively, you can run the following command to switch to the ostechnix user immediately:

# su - ostechnix

Well, we switched to ostechnix user.

Now try running some administrative operations.

$ sudo pacman -Syu

If the command is executed – everything is ok!

2. Remove sudo privileges from the user in Arch Linux.

We can revoke sudo privileges from a user without removing it

… First, log out and log back in as root or another sudo user.

Then remove the sudo privileges from the user by simply removing them from the wheel group using the following command on Arch Linux:

# gpasswd -d itsecforu wheel

If you added a user to the sudo group, you also need to remove him from that group.

# gpasswd -d itsecforu sudo

That’s all.

The user is no longer on the sudoers list, so he cannot perform any administrative tasks.

# sudo -lU itsecforu

Output example:

User itsecforu is not allowed to run sudo on archlinux.

If you no longer need this user, completely remove it from the system using this command:

# userdel -r itsecforu

Here the -r flag is used to remove this user’s $ HOME directory.

For more information, refer to the man page of the respective command:

$ man sudo
$ man useradd
$ man usermod
$ man gpasswd
$ man userdel

Conclusion

That’s all for now.

In this tutorial, you learned how to create a sudo user and how to grant sudo privileges to existing users, and finally how to remove sudo privileges from a user on Arch Linux.

Please avoid using the root user for server administration operations.

Sidebar