When you first start using a fresh Linux server, adding and removing users is often one of first things you’ll need to do. In this guide, we will cover how to create user accounts, assign sudo privileges, and delete users on a CentOS 8 server.
Prerequisites
This tutorial assumes you are logged into a CentOS 8 server with a non-rootsudo-enabled user. If you are logged in as root instead, you can drop the sudo portion of all the following commands, but they will work either way.
Adding Users
Throughout this tutorial we will be working with the user sammy. Please susbtitute with the username of your choice.
You can add a new user by typing:
Next, you’ll need to give your user a password so that they can log in. To do so, use the passwd command:
You will be prompted to type in the password twice to confirm it. Now your new user is set up and ready for use!
Note: if your SSH server disallows password-based authentication, you will not yet be able to connect with your new username. Details on setting up key-based SSH authentication for the new user can be found in step 5 of Initial Server Setup with CentOS 8.
Granting Sudo Privileges to a User
If your new user should have the ability to execute commands with root (administrative) privileges, you will need to give them access to sudo.
We can do this by adding the user to the wheel group (which gives sudo access to all of its members by default).
Use the usermod command to add your user to the wheel group:
sudo usermod -aG wheel sammy wheel
Now your new user is able to execute commands with administrative privileges. To do so, append sudo ahead of the command that you want to execute as an administrator:
You will be prompted to enter the password of the your user account (not the root password). Once the correct password has been submitted, the command you entered will be executed with root privileges.
Managing Users with Sudo Privileges
While you can add and remove users from a group with usermod, the command doesn’t have a way to show which users are members of a group.
To see which users are part of the wheel group (and thus have sudo privileges), you can use the lid command. lid is normally used to show which groups a user belongs to, but with the -g flag, you can reverse it and show which users belong in a group:
Output
centos(uid=1000)
sammy(uid=1001)
The output will show you the usernames and UIDs that are associated with the group. This is a good way of confirming that your previous commands were successful, and that the user has the privileges that they need.
Deleting Users
If you have a user account that you no longer need, it’s best to delete it.
To delete the user without deleting any of their files, use the userdel command:
If you want to delete the user’s home directory along with their account, add the -r flag to userdel:
With either command, the user will automatically be removed from any groups that they were added to, including the wheel group if applicable. If you later add another user with the same name, they will have to be added to the wheel group again to gain sudo access.
Conclusion
You should now have a good grasp on how to add and remove users from your CentOS 8 server. Effective user management will allow you to separate users and give them only the access that is needed for them to do their job.
You can now move on to configuring your CentOS 8 server for whatever software you need, such as a LAMP or LEMP web stack.
Use promo code DOCS10 for $10 credit on a new account.
Linode’s Classic Manager will be retired on January 31, 2020. At that time, all users will be migrated to the new Cloud Manager when logging in to manage your infrastructure on Linode.
There have been substantial updates to Cloud Manager since it was introduced back in 2014. Cloud Manager has many new features, including an updated look-and-feel, modern user-interface, mobile support, and easy access to our recently released products. It’s also implemented solely atop our public APIv4.
Development work for Cloud Manager will continue beyond January 31, 2020. As always, your feedback for Cloud Manager or any other aspect of our platform is welcome at [email protected]
Note
We will continue to support APIv3 and the APIv3-based CLI beyond January 31, 2020.
In this Guide
If you are a Classic Manager user, this guide will provide an overview of the features and services available in Linode’s Cloud Manager. Some of the topics that will be discussed are:
An introduction to each section of the Cloud Manager, including links to related guides throughout our documentation library.
Specific features that you may need help finding due to differences in location between Classic Manager and Cloud Manager
Settings that might make your overall Cloud Manager experience better
Linodes
The Linodes section of Cloud Manager allows you to create and manage your Linodes. Each Linode instance in Cloud Manager includes:
Summary information about your Linode, like CPU usage, IPv4 and IPv6 traffic, and Disk IO
Access to any of your Linode’s attached Volumes and the ability to create a Volume
Networking information and features, including the ability to add IPv4 and IPv6 addresses, IP transfer and IP sharing
The ability to resize your Linode, boot your Linode into Rescue Mode, and rebuild your Linode
Access to Linode’s Backup service
An Activity Feed that displays any relevant events related to this Linode
Settings that allow you to update your Linode’s label, reset your Linode’s root password, manage system usage email notifications, manage Watchdog (Linode’s automatic reboot feature), and delete your Linode
An area to manage and create disks and configuration profiles
Cross data center migrations
Find Your Disks
In Classic Manager, Disks were located in the Linode Dashboard tab. In the Cloud Manager, Disks are now in the Disks/Configs tab of the Linode.
Click the Linodes link in the sidebar menu and select the Linode whose disks you’d like to see.
Then click the Disks/Configs tab. The disks are located in the Disks panel. Here you can add a disk, or for each individual disk, you can click the more options ellipses to get a drop down menu which will allow you to choose options such as Rename, Resize, Imagize, Clone, and Delete.
Reboot Your Linode
You can reboot a Linode from two places within the Cloud manager.
From your Linodes listing page, click the More Options Ellipses and select Reboot.
If you have more than one Configuration Profile, a panel will appear to allow you to select which Configuration to boot. Select a Config and click the Submit button. Otherwise, a confirmation dialog will appear.
You can also reboot your Linode from within any Linode detail screen by clicking on the Status Icon. A drop down menu will appear, select Reboot.
Again, if you have more than one Configuration Profile, a panel will appear to allow you to select which Configuration to boot. Select a Config and click the Submit button. Otherwise, a confirmation dialog will appear.
Delete a Public IP Address
You can delete public IP addresses in both Classic and Cloud managers. In Classic Manager, this was done under the Remote Access tab from the Linode you wished to modify. In Cloud Manager it is done in the Networking tab.
Click Linodes from the sidebar menu.
Choose the Linode you wish to modify to enter the Linode detail screen. Then, click on the Networking tab. Your IPv4 and IPv6 addresses will be listed here.
Next to the public IPv4 address you wish to delete, click on the more options ellipses. Select the option to Delete IP from the drop down menu.
A confirmation popup will appear where you can confirm the operation.
Note
You must have at least one public IP on a Linode. If you attempt to delete the last public IP on a Linode you will receive an error message after you confirm the deletion.
Volumes
The Volumes section of Cloud Manager gives you access to Linode’s Block Storage service. To learn how to create, and manage Block Storage volumes using Cloud Manager, see our How to Use Block Storage with Your Linode guide.
Find Volumes
In Classic Manager, Volumes were found within a Linode’s Dashboard tab. In Cloud Manager, Volumes are their own top-level menu item in the sidebar.
Note
Object Storage
The Object Storage section of Cloud Manager gives you access to Linode’s Object Storage service which is a globally-available, S3-compatible method for storing and accessing data. The Object Storage service is not available in Classic Manager.
To learn how to begin using Object Storage, view our How to Use Linode Object Storage guide. To access all available Object Storage guides, see the Object Storage section of our documentation site.
NodeBalancers
Linode’s NodeBalancers service provides load balancing for your applications and services ensuring that they are highly available for users. To learn how to get started with NodeBalancers using Cloud Manager, see our Getting Started with NodeBalancers guide.
Domains (DNS Manager)
The DNS Manager allows you to control and manage your domains. In Cloud Manager, the DNS Manager is located in the Domains link in the sidebar.
For more information on Cloud Manager’s DNS Manager, see the following guides:
Zone Files
Cloud Manager does not include the Check Zone and Zone File features, since it automatically ensures that your Domain’s zone file does not contain any errors:
When creating a Zone File for a Domain, the Linode API v4 checks for any errors that may exist. If an error is found, the Cloud Manager will respond with the corresponding error. This means that the Cloud Manager will not allow you to create an invalid zone file.
Once your Domain and corresponding Zone File is created, you can use the dig command to further verify that each domain record contains the information you expect, for example:
dig example.com
dig example.com MX
See the Use dig to Perform Manual DNS Queries guide for more details on the dig command.
Longview
The Longview section of Cloud Manager gives you access to Linode’s system data graphing service. It tracks metrics for CPU, memory, and network bandwidth, both aggregate and per-process, and it provides real-time graphs that can help expose performance problems. The Longview service offers both free and paid plan tiers.
Longview is still being actively developed to reach parity with Classic Manager. To get started using Longview in Cloud Manager, see the Understanding Linode Longview guide.
One-Click Apps
The One-Click Apps section of Cloud Manager gives you access to apps that make it easy to deploy and configure software on a Linode. Some popular One-Click Apps are WordPress, Minecraft, and GitLab. We are actively adding new and useful One-Click apps. When a One-Click App is deployed, a new Linode is created and the appropriate software is installed with the configurations you provide. One-Click Apps are not available in Classic Manager.
See How to Use Linode’s One-Click Apps to get started using One-Click Apps in Cloud Manager.
Kubernetes
The Kubernetes section of Cloud Manager gives you access to our managed Kubernetes service, the Linode Kubernetes Engine (LKE). LKE is a fully-managed container orchestration engine for deploying and managing containerized applications and workloads. LKE combines Linode’s ease of use and simple pricing with the infrastructure efficiency of Kubernetes. LKE is not available in Classic Manager.
To get started using LKE, see our Tutorial for Deploying and Managing a Cluster with Linode Kubernetes Engine.
StackScripts
StackScripts provide Linode users with the ability to automate the deployment of custom systems on top of our default Linux distribution images. StackScripts are usually Bash scripts, stored in the Linode Cloud Manager, and can be accessed when you deploy a Linode. Linodes deployed with a StackScript run the script as part of the first boot process.
To get started using StackScripts in Cloud Manager, see the Automate Deployment with StackScripts guide.
Find StackScripts
In Classic Manager, access to StackScripts was found under the Linodes tab. In Cloud Manager, StackScripts are their own top-level menu item in the sidebar.
Images
The Images section of Cloud Manager gives you access to Linode Images which allow you to take snapshots of your disks, and then deploy them to any Linode under your account. This can be useful for bootstrapping a master image for a large deployment, or retaining a disk for a configuration that you may not need running, but wish to return to in the future.
To get started using Images with Cloud Manager, see Linode Images.
Find Images
In Classic Manager, access to image management was found in the Linodes tab. In Cloud Manager, Images are their own top-level menu item in the sidebar.
Account (Management and Billing)
The Account section of Cloud Manager allows you to manage your account’s billing information and users, and to configure various account-wide settings.
You can manage the following account and billing settings in the Account section of Cloud Manager:
Find Credit Remaining
In the Cloud Manager, to find the amount of available credit that you have:
Click on the Account link from the sidebar menu.
On the right hand side of the screen you’ll see the Billing Information section. If you have credit stored on your account, it’ll appear in green under the Current Balance field.
Printing an Invoice
In Cloud Manager you can download a printable PDF of your invoice from your list of invoices or from within an individual invoice.
Navigate to your Account by clicking on Account in the sidebar.
Click on the Recent Invoices menu item in the Billing section. This will expand to show you a list of your recent invoices. Each invoice has a Download PDF link next to it.
You can also click on any invoice to view it within the Cloud Manager. At the top of the invoice there is a Download PDF button.
Import Display Groups
If you have used the Display Groups feature in the Classic Manager, you can import your Display Groups to the Cloud Manager as tags:
Navigate to the Account page in the sidebar links menu, then click on the Settings tab.
Expand the panel labeled Import Display Groups as Tags and then click Import Display Groups:
A form will appear that lists your Display Groups and asks you to confirm the import action. To proceed, click the Import Display Groups Now button in this form.
Note
Importing your Display Groups is a one-time operation. If you don’t have any Display Groups configured in the Classic Manager this feature will not appear in the Cloud Manager.
Password Management
The Cloud Manager does not support forcing password expirations. Forcing password resets on a schedule is bad practice from a security perspective. Current security research indicates that forced password changes do more harm than good. If you want to force password resets for users of your Linode account, we recommend using a password manager for this purpose.
My Profile
The My Profile section of Cloud Manager provides access to various settings related to your Linode account’s profile. This area of Cloud Manager contains access to the following features and settings:
API Keys / API Tokens
API Keys from Classic Manager do not transfer. This means that if you have keys generated in Classic, you will not see them in Cloud Manager. In Cloud Manager, API Keys are called API Tokens (personal access tokens) and can be used for a variety of different uses.
To generate a new personal access token, navigate to your profile by clicking on your username and select My Profile from the drop down menu. Then click on the API Tokens tab.
Click Add a Personal Access Token. A panel will display allowing you to give this token a label and choose the access rights you want users authenticated with the new token to have.
When you have finished, click Submit to generate a new Personal Access Token. Copy the token and save it to a secure location before closing the popup. You will not be able to view this token through the Cloud Manager after closing the popup.
Manage Email Event Notifications
Email event notifications alert you when new events such as booting, shutting down, or updates to a Linode occur on your account. You can enable or disable email event notifications using the Cloud Manager.
In Classic Manager email events notifications were managed in the Notifications tab under my profile. In Cloud Manager this is done in the Settings tab from My Profile.
User Interface Enhancements
Compact Mode and Dark Mode
Cloud Manager by default uses more whitespace on the screen. However, there is a Compact Mode which compresses this extra space and allows more information to be displayed on the screen. This setting is located at the bottom left hand corner of the screen when the gear icon is clicked. This is also where you can toggle on Dark Mode.
Accessibility
The Linode Cloud Manager has been built with accessibility in mind. Currently, the Cloud Manager is actively being developed to achieve WCAG 2.0 Level AA.
We have received a lot of helpful feedback from our users regarding accessibility. While we have addressed a lot of your feedback, this is still a work in progress and will be iterated upon with time. Please contact [email protected] with any comments or requests regarding accessibility.
Next Steps
See the following guides for more features of Cloud Manager:
If you still need help finding features in or using Cloud Manager, please contact Linode Support.
This guide is published under a CC BY-ND 4.0 license.
Adding and removing users on a Linux system is one of the most important system administration tasks to familiarize yourself with. When you create a new system, you are often only given access to the root account by default.
While running as the root user gives you complete control over a system and its users, it is also dangerous and can be destructive. For common system administration tasks, it is a better idea to add an unprivileged user and carry out those tasks without root privileges. You can also create additional unprivileged accounts for any other users you may have on your system. Each user on a system should have their own separate account.
For tasks that require administrator privileges, there is a tool installed on Ubuntu systems called sudo. Briefly, sudo allows you to run a command as another user, including users with administrative privileges. In this guide we will cover how to create user accounts, assign sudo privileges, and delete users.
Prerequisites
To follow along with this guide, you will need:
Adding a User
If you are signed in as the root user, you can create a new user at any time by typing:
If you are signed in as a non-root user who has been given sudo privileges, you can add a new user by typing:
Either way, you will be asked a series of questions. The procedure will be:
Assign and confirm a password for the new user
Enter any additional information about the new user. This is entirely optional and can be skipped by hitting ENTER if you don’t wish to utilize these fields.
Finally, you’ll be asked to confirm that the information you provided was correct. Enter Y to continue.
Your new user is now ready for use. You can now log in using the password that you entered.
If you need your new user to have access to administrative functionality, continue on to the next section.
Granting a User Sudo Privileges
If your new user should have the ability to execute commands with root (administrative) privileges, you will need to give the new user access to sudo. Let’s examine two approaches to this problem: adding the user to a pre-defined sudouser group, and specifying privileges on a per-user basis in sudo’s configuration.
Adding the New User to the Sudo Group
By default, sudo on Ubuntu 18.04 systems is configured to extend full privileges to any user in the sudo group.
You can see what groups your new user is in with the groups command:
Output
newuser : newuser
By default, a new user is only in their own group which adduser creates along with the user profile. A user and its own group share the same name. In order to add the user to a new group, we can use the usermod command:
The -aG option here tells usermod to add the user to the listed groups.
Specifying Explicit User Privileges in /etc/sudoers
As an alternative to putting your user in the sudo group, you can use the visudo command, which opens a configuration file called /etc/sudoers in the system’s default editor, and explicitly specify privileges on a per-user basis.
Using visudo is the only recommended way to make changes to /etc/sudoers, because it locks the file against multiple simultaneous edits and performs a sanity check on its contents before overwriting the file. This helps to prevent a situation where you misconfigure sudo and are prevented from fixing the problem because you have lost sudo privileges.
If you are currently signed in as root, type:
If you are signed in as a non-root user with sudo privileges, type:
Traditionally, visudo opened /etc/sudoers in the vi editor, which can be confusing for inexperienced users. By default on new Ubuntu installations, visudo will instead use nano, which provides a more convenient and accessible text editing experience. Use the arrow keys to move the cursor, and search for the line that looks like this:
/etc/sudoers
root ALL=(ALL:ALL) ALL
Below this line, add the following highlighted line. Be sure to change newuser to the name of the user profile that you would like to grant sudo privileges:
/etc/sudoers
root ALL=(ALL:ALL) ALL
newuser ALL=(ALL:ALL) ALL
Add a new line like this for each user that should be given full sudo privileges. When you are finished, you can save and close the file by hitting CTRL+X, followed by Y, and then ENTER to confirm.
Testing Your User’s Sudo Privileges
Now, your new user is able to execute commands with administrative privileges.
When signed in as the new user, you can execute commands as your regular user by typing commands as normal:
You can execute the same command with administrative privileges by typing sudo ahead of the command:
You will be prompted to enter the password of the regular user account you are signed in as.
Deleting a User
In the event that you no longer need a user, it is best to delete the old account.
You can delete the user itself, without deleting any of their files, by typing the following command as root:
If you are signed in as another non-root user with sudo privileges, you could instead type:
If, instead, you want to delete the user’s home directory when the user is deleted, you can issue the following command as root:
deluser --remove-home newuser
If you’re running this as a non-root user with sudo privileges, you would instead type:
sudo deluser --remove-home newuser
If you had previously configured sudo privileges for the user you deleted, you may want to remove the relevant line again by typing:
Or use this if you are a non-root user with sudo privileges:
root ALL=(ALL:ALL) ALL
newuser ALL=(ALL:ALL) ALL # DELETE THIS LINE
This will prevent a new user created with the same name from being accidentally given sudo privileges.
Conclusion
You should now have a fairly good handle on how to add and remove users from your Ubuntu 18.04 system. Effective user management will allow you to separate users and give them only the access that they are required to do their job.
For more information about how to configure sudo, check out our guide on how to edit the sudoers file here.
