Introduction

When you first start using a fresh Linux server, adding and removing users is often one of the first things you’ll need to do. In this guide, you will learn how to create user accounts, assign sudo privileges, and delete users on a CentOS 7 server.

Prerequisites

To complete this tutorial, you will need:

A CentOS 7 server with a non-root sudo-enabled user. If you are logged in as root instead, you can drop the sudo portion of all the following commands. For guidance, please see our tutorial Initial Server Setup with CentOS 7.

Adding Users

Throughout this tutorial we will be working with the user sammy. Please substitute with the username of your choice.
You can add a new user by typing:

sudo adduser sammy

Next, you’ll need to give your user a password so that they can log in. To do so, use the passwd command:

sudo passwd sammy

You will be prompted to type in the password twice to confirm it. Now your new user is set up and ready for use! You can now log in as that user, using the password that you set up.

Note: if your SSH server disallows password-based authentication, you will not yet be able to connect with your new username. Details on setting up key-based SSH authentication for the new user can be found in step 4 of Initial Server Setup with CentOS 7.

Granting Sudo Privileges to a User

If your new user should have the ability to execute commands with root (administrative) privileges, you will need to give the new user access to sudo.
We can do this by adding the user to the wheel group (which gives sudo access to all of its members by default).
To do this, use the usermod command:

sudo usermod -aG wheel sammy

Now your new user is able to execute commands with administrative privileges. To do so, simply type sudo ahead of the command that you want to execute as an administrator:

sudo some_command

You will be prompted to enter the password of your user account (not the root password). Once the correct password has been submitted, the command you entered will be executed with root privileges.

Managing Users with Sudo Privileges

To see which users are part of the wheel group (and thus have sudo), you can use the lid function. lid is normally used to show which groups a user belongs to, but with the -g flag, you can reverse it and show which users belong in a group:

sudo lid -g wheel
 sammy(uid=1001)

The output will show you the usernames and UIDs that are associated with the group. This is a good way of confirming that your previous commands were successful, and that the user has the privileges that they need.

Deleting Users

If you have a user account that you no longer need, it’s best to delete the old account.
If you want to delete the user without deleting any of their files, type:

sudo userdel sammy

If you want to delete the user’s home directory along with the user account itself, type:

sudo userdel -r sammy

With either command, the user will automatically be removed from any groups that they were added to, including the wheel group if they were given sudo privileges. If you later add another user with the same name, they will have to be added to the wheel group again to gain sudo access.

Conclusion

You should now have a good grasp on how to add and remove users from your CentOS 7 server. Effective user management will allow you to separate users and give them only the access that is needed for them to do their job. You can now move on to configuring your CentOS 7 server for whatever software you need, such as a LAMP or LEMP web stack.
For more information about how to configure sudo, check out our guide on how to edit the sudoers file.