Mastering Cron Jobs in Linux: A Comprehensive Guide with Examples

Introduction:

Cron jobs are an indispensable tool in the world of system administration and automation. They allow users to schedule tasks to run periodically at fixed intervals, making them essential for automating routine tasks, such as backups, log rotations, and system maintenance. In this blog post, we'll delve into the world of cron jobs, exploring what they are, how they work, and providing practical examples to help you harness their power effectively.

What are Cron Jobs?

Cron is a time-based job scheduler in Unix-like operating systems, including Linux and macOS. It enables users to schedule tasks (referred to as cron jobs) to run periodically at specified times or intervals. These tasks can range from simple commands to complex scripts and programs.

Syntax and Components:

Cron jobs are defined using a specific syntax that consists of five fields:

 

* * * * * command_to_execute
|   |  |  |  |
|   |  |  | +----- Day of week (0 - 7) (Sunday is 0 or 7)
|   |  | +------- Month (1 - 12)
|   |  +--------- Day of month (1 - 31)
|   +----------- Hour (0 - 23)
+------------- Minute (0 - 59)

Syntax Examples:

1. Run a Script Every Hour:

0 * * * * /path/to/script.sh

This cron job executes the script `/path/to/script.sh` every hour, on the hour.

2. Run a Command Daily at Midnight:

0 0 * * * command_to_run

This cron job executes `command_to_run` every day at midnight (00:00).

3. Run a Task Every 15 Minutes:

*/15 * * * * command_to_execute

This cron job runs `command_to_execute` every 15 minutes.

4. Run a Task Every Weekday at 8:00 AM:

0 8 * * 1-5 command_to_execute

This cron job executes `command_to_execute` at 8:00 AM from Monday to Friday.

5. Run a Job Monthly on the 1st at Noon:

0 12 1 * * command_to_execute

This cron job runs `command_to_execute` at noon on the 1st day of every month.

Command Examples:

1. Open Cron Configuration File:

   Start by editing the cron configuration file. Use your preferred text editor, such as nano or vim:

#sudo vim /etc/crontab

or

# crontab -e 

or

# crontab -e -u harry

This command you can use to set  the cron jobs for the harry user.

2. Adding a Cron Job:

   Suppose you want to schedule a script to run every day at 2:00 AM. You would add a line like this to the cron configuration file:

   0 2 * * * /path/to/your/script.sh

   Replace `/path/to/your/script.sh` with the actual path to your script.

3. Save and Exit:

   After adding your cron job, save the file and exit the text editor.

4 Verify the Cron Job:

   

To ensure that the cron job was added successfully, you can list the current cron jobs using the following command:

  sudo crontab -l

   This command will display all the cron jobs configured for the root user.

  sudo crontab -l -u harry

   This command will display all the cron jobs configured for the harry user.

5. Delete Cron jobs:

  sudo crontab -r -u harry

   This command will remove all the cron jobs configured for the harry user.

6. Restart the Cron Service:

   It's a good practice to restart the cron service to apply any changes made to the cron configuration file:

#sudo systemctl restart crond

7. Viewing Logs (Optional):

   If your cron job is not running as expected, you can check the cron logs to troubleshoot the issue. The cron logs are typically located at `/var/log/cron`.

#tail -f  /var/log/cron

That's it! You've now successfully set up a cron job on Linux. Your script will execute at the specified time according to the cron schedule you've configured.

Conclusion:

Cron jobs are an invaluable tool for automating repetitive tasks on Unix-like systems. By understanding the syntax and components of cron jobs and exploring practical examples, you can effectively leverage them to streamline your workflow and improve system efficiency. Experiment with different cron job configurations to tailor automation solutions to your specific needs and maximize productivity. With mastery of cron jobs, you'll unlock a powerful arsenal for automating tasks and managing your system with precision and ease.

A Step-by-Step Guide to Installing MongoDB on Oracle Linux 8 | How to install MongoDB on RedHat 8/ Rocky Linux 8

Introduction:
MongoDB is a powerful, open-source NoSQL database that provides flexibility and scalability for modern applications. In this guide, we'll walk through the process of installing MongoDB on Oracle Linux 8 and configuring it to ensure security best practices are followed.

Step 1: Prerequisites

Before we begin, make sure you have:

1. An instance of Oracle Linux 8 set up and running.

2. Root or sudo access to the server.

Step 2 – Install  MongoDB 

1. Open a terminal window on your Oracle Linux 8 server and update it.

#yum update

  After patch update make sure you reboot the server 

2. Add the MongoDB repository to your system:

#vim /etc/yum.repos.d/mongodb-org-4.4.repo

Add the following contents:

[mongodb-org-4.4]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc

Save and close the file once you are done.

3. Install MongoDB:

# sudo dnf install -y mongodb-org

4. Start the MongoDB service and enable it to start on boot:

# sudo systemctl start mongod

# sudo systemctl enable mongod

# mongod --version

Step 3: Configure MongoDB

1. Open the MongoDB configuration file:

# sudo vim /etc/mongod.conf

2. Bind MongoDB to localhost or IP:

bindIp: 127.0.0.1

3. Enable authentication:

security:
  authorization: enabled

4. Save and close the file.

Step 4: Secure MongoDB

1. Create an administrative user:

First, connect to the MongoDB instance with the command 

# mongo

Once you are connected, create a database named admin using the following command:

use admin

Next, create an admin user and set a password with the following command:

db.createUser(
  {
    user: "admin",
    pwd: passwordPrompt(),
    roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
  }
)

You will be asked to set a password.

2. Exit the MongoDB shell:

exit

3. Restart MongoDB to apply the changes:

# sudo systemctl restart mongod

Step 5: Test MongoDB Authentication

1. Open the MongoDB shell as the administrative user:

# mongo -u admin -p --authenticationDatabase admin

or 

#mongo --port 27017 --authenticationDatabase admin -u admin -p

2. You'll be prompted to enter the password for the admin user.

3. Once logged in, you can create additional users and databases as needed.

Step 6 – Create a Database in MongoDB

In this section, we will show you how to interact with the MongoDB database.

To create a database named testdb, run the following command:

use testdb

Next, add some data to the testdb database using the following command:

db.person.insertOne(
  { "Nirmal Singh" : "20",
   "Tom " : "18",
   "Harry" : "25"
  }
)

You can now list available databases using the following command db prompt:

db

You will get the following output:

testdb

To show documents in your database, run the following command:

show collections

You will get the following output:

person

To show the contents of your database collection, run the following command:

db.person.find()

You will get the output for all records:

To switch the database to admin, use the following command:

use admin

To list all users, run the following command:

db.getUsers()

You will get a list of all users in the following output formate:

[
	{
		"_id" : "admin.admin",
		"userId" : UUID("504b73he-aaed-4ad9-bb60-4fb8df334709"),
		"user" : "admin",
		"db" : "admin",
		"roles" : [
			{
				"role" : "userAdminAnyDatabase",
				"db" : "admin"
			},
			{
				"role" : "readWriteAnyDatabase",
				"db" : "admin"
			}
		],
		"mechanisms" : [
			"SCRAM-SHA-1",
			"SCRAM-SHA-256"
		]
	}
]

Step 7: Firewall Configuration (Optional)

If you have a firewall enabled on your server, you may need to open the MongoDB port (default is 27017) to allow external connections. Use the following command to open the port:

# sudo firewall-cmd --zone=public --add-port=27017/tcp --permanent
# sudo firewall-cmd --reload

Conclusion:

Congratulations! You've successfully installed MongoDB on Oracle Linux 8 and configured it to ensure security. By following these steps, you can confidently deploy MongoDB for your applications while adhering to best practices for database security. Remember to regularly update MongoDB and review your security measures to protect your data effectively.

A Comprehensive Guide to Linux Access Control Lists (ACLs)

Introduction:

Access Control Lists (ACL) in Linux provide a powerful and flexible way to manage permissions beyond the traditional read, write, and execute settings. ACLs enable fine-grained control over file and directory access, allowing administrators to grant or restrict permissions for specific users and groups. In this blog, we will delve into the world of ACLs in Linux, exploring their features, usage, and practical examples.

Understanding ACLs:

Linux file permissions are typically set using the user-owner, group-owner, and others' triplets, denoted by characters like "rwx" (read, write, execute). While this scheme is effective, it may lack the granularity needed in certain scenarios. ACLs address this limitation by providing a more nuanced approach to permissions.

The Linux filesystem gives us three types of permissions. Here is a simplified review:

• User (or user owner)
• Group (or owner group)
• Other (everyone else)

With these permissions, we can grant three (actually five, but we’ll get to that in a minute) types of access:

• Read
• Write
• eXecute

These levels of access are often adequate in many cases. Say that you have a directory where files from the accounting department live. You might set these permissions to:

Key Features of ACLs:

1. Granular Control:

   ACLs allow you to define specific permissions for individual users and groups, going beyond the traditional owner, group, and others model.

2. Default ACLs:

   Default ACLs determine the permissions set for new files and directories within a specific directory. This feature ensures consistent permissions across newly created items.

3. Mask and Effective Permissions:

   ACLs introduce the concept of a mask, which acts as a filter for the permissions assigned. The effective permissions are then determined by combining the permission bits and the mask.

4. Access Types:

   ACLs support various access types, including read (r), write (w), execute (x), delete (d), and more. This versatility allows administrators to tailor permissions based on specific requirements.

To begin working with ACLs, you need to be familiar with a set of commands that facilitate their management:

1 . Viewing the current ACL

    Use this command to display the ACLs of a file or directory.

  

#getfacl filename

2. Setting an ACL

   Apply this command to set or modify ACLs for a file or directory.

#setfacl -m u:user:permissions filename

   This command helps to remove specific ACL entries from a file or directory for particular user.

#setfacl -x u:user filename

    This command helps to set default ACL on directory.

#setfacl -d -m u:users:rwx /path/to/directory

Practical Examples:

1. Granting Additional Permissions:

  Apply this command to set or modify ACLs for a file or directory for specific user .

#setfacl -m u:john:rw file.txt

  Apply this command to set or modify ACLs for a file or directory for specific group .

#  setfacl -m g:groupname:rwx  /path/to/directory

  Apply this command to set or modify ACLs for a file or directory for specific user .

#setfacl -m  john:rw file.txt

Note: When we want to set a group ACL, we need to specify this by putting g: in front of the group’s name. For users, just change the g to a u, but setfacl will assume we are talking about a user if you don’t put anything in that spot.

2. Setting Default ACLs :

 Note: Only directories can have default ACLs  

  Apply this command to set default ACLs for  a directory for specific user .

#setfacl -d -m u:users:rwx /path/to/directory

  Apply this command to set default ACLs for  a directory for specific group.

# setfacl -d -m g:groupname:rwx /path/to/directory

3. Removing ACL Entries:

  Apply this command to remove ACLs for  a file or directory  for specific group .

#setfacl -x g:groupname /path/to/file

   Apply this command to remove ACLs for  a file or directory  for specific user   

#setfacl -x u:username  /path/to/file

  To remove all the ACLs entry from file or directory 

#setfacl -b   /path/to/file

Conclusion:

Access Control Lists in Linux offer a robust solution for managing permissions in a fine-grained manner. Understanding how to leverage ACLs empowers administrators to control access to files and directories with greater precision. By incorporating ACLs into your Linux system administration toolkit, you enhance security and flexibility, ensuring that resources are accessible only to those who truly need them.

A Step-by-Step Guide to Configuring Samba Server on Red Hat/CentOS/Rocky Linux 8

Introduction:

Samba, an open-source implementation of the SMB/CIFS networking protocol, enables seamless file and print sharing between Linux and Windows systems. Configuring a Samba server on Red Hat 8 is a straightforward process that allows you to create a shared network resource accessible from various operating systems. In this step-by-step guide, we'll walk you through the process of setting up a Samba server on Red Hat 8.

Prerequisites:

1.  Red Hat 8 Installation:

   Ensure that you have a Red Hat 8 system up and running.

2. Root or Sudo Access:

   You need administrative privileges to install and configure packages.

 Step 1: Install Samba Package:

Open the terminal and use the following command to install the Samba package:

#sudo dnf install samba samba-common samba-client

 

Step 2: Configure Samba:

1. Backup the Original Configuration:

   Before making any changes, it's wise to back up the original configuration file:

#sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak

 

2. Edit the Samba Configuration File:

   Use your preferred text editor to open the Samba configuration file:   

   Update the file according to your preferences. Below are some essential configurations:

#sudo vim /etc/samba/smb.conf

 [global]
       workgroup = WORKGROUP
       server string = Samba Server %v
        security = user

   [sharename]
       path = /DATA/Samba_share
       writable = yes
       browseable = no 
       guest ok = no
       valid users = user1 user2 @smb_group
       hosts allow = 127.  192.168.1.

  

   - `workgroup`: Set the workgroup name (default is WORKGROUP).

   - `server string`: Add a description for your Samba server.

   - `security`: Set to "user" for user-level security.

   Adjust the `[sharename]` section according to your needs.

Step 3: Create a Samba User and group:

Create a Samba user and set a password. This user should have access to the shared folder.

#sudo groupadd smb_group 
#sudo useradd -M username
#sudo smbpasswd -a username 

 

If you are managing access through group  add user in group too

#sudo usermod -aG smb_group  username

 

Step 4: Create the Shared Folder:

Create a folder to be shared and adjust permissions:

#sudo mkdir -p /DATA/Samba_share
#sudo chown  root:smb_group -R /DATA/Samba_share
#sudo chmod  0775 -R /DATA/Samba_share

 

Step 5: Start and Enable Samba Service:

Start the Samba service and enable it to start at boot:

#sudo systemctl enable smb
#sudo systemctl start smb 

#sudo systemctl status smb

Step 6: Configure Firewall:

If the firewall is active, allow Samba traffic:

#sudo firewall-cmd --add-service=samba --permanent

#sudo firewall-cmd --reload 

 

Step 7: Configure selinux:  

if the selinux is enabled set context  

#sudo chcon -t samba_share_t  /DATA/Samba_share

#sudo chown -R root:smb_group /DATA/Samba_share

 

Step 8: Test the Configuration:

Access the shared folder from a Windows or Linux machine using the Samba user credentials.

Here we have some commands to verify on Linux Server 

 A . Connect to a Samba Share:

#smbclient //server/sharename -U username 

 

- Replace `server` with the hostname or IP address of the Samba server.

- Replace `sharename` with the name of the shared folder.

- Replace `username` with the Samba username.

If you didn't specify a password during connection, you can enter it interactively:

B. List Files on the Samba Share:

Once connected, you can list files on the Samba share using:

#smb: \> dir

 

C. Download and Upload a File from the Samba Share:

To download a file from the Samba share to your local machine:

#smb: \> get filename 

 

- Replace `filename` with the name of the file you want to download.

D. Upload a File to the Samba Share:

To upload a file from your local machine to the Samba share:

#smb: \> put localfile 

 

- Replace `localfile` with the name of the file you want to upload.

E. Change Directory on the Samba Share:

Navigate to a specific directory on the Samba share:

#smb: \> cd directory 

 

- Replace `directory` with the name of the target directory.

F. Delete a File on the Samba Share:

To delete a file on the Samba share

#smb: \> del filename 

 

- Replace `filename` with the name of the file to be deleted.

G. Exit `smbclient`:

To exit the `smbclient` session:

#smb: \> exit 

 

These `smbclient` commands provide a basic set of functionalities for interacting with Samba shares. You can explore additional options and features by referring to the `smbclient` manual (`man smbclient`) or by typing `help` within the `smbclient` interactive session. This tool is invaluable for testing your Samba server configuration and ensuring seamless file sharing across your network.

Bonus:

The pdbedit --list command can be used to list the user that have been added to the SMB database. The output should be identical to the smb.passwd file.

#pdbedit --list

The smbpasswd command with the -x option can be used to delete a user from the SMB database.

 

#smbpasswd -x username

 

Congratulations! You have successfully configured a Samba server on Red Hat 8 or any RPM based server, allowing seamless file sharing across your network.

Closing Thoughts:

Configuring a Samba server on Red Hat 8 is a valuable skill for anyone working in a mixed operating system environment. With this guide, you can easily set up a Samba server and enhance collaboration between Linux and Windows systems on your network. Happy sharing!

Mastering User and Group Management in Linux | User and group Management in Linux

 

User management is a fundamental aspect of Linux system administration. Whether you're a seasoned sysadmin or a Linux enthusiast, understanding the essential commands for user management is crucial. In this blog post, I we'll explore Linux commands that will empower you to efficiently manage users and group on Linux system

What is user ?

Every process (running program) on the system runs as a particular user. Every file is owned by a particular user. Access to files and directories are restricted by user. The user associated with a running process determines the files and directories accessible to that process. 

id command is used to show current logged-in user, also you can use id command to see the basic information about other user 

$id 
uid=1000(nirmal) gid=1000(nirmal) groups=1000(nirmal)

or 

$id root
uid=0(root) gid=0(root) groups=0(root)

To view user associated with a file or directory, you can use ls -l  command

$ls -l  /home

To view process associated with a user  you can use ps   command

$ps au

To switch user from one user to another user 

$ su - username 

or 

$su  username 

Database files for User  and group 

/etc/passwd

By default, systems use a simple "flat file," the /etc/passwd file, to store information about local users. The format of /etc/passwd follows (seven colon-separated fields) 

username : password : UID : GID : GECOS : HomeDir : Shell 

/etc/shadow

Then file /etc/shadow is used to store password information 
for all users in Linux 

/etc/group

Then file /etc/group is used to store group information 
for all the group in Linux 

/etc/gshadow

Then file /etc/gshadow is used to store password information 
for all group in Linux

 

What is a group? 

Like users, groups have a name and a number (GID). Local groups are defined in /etc/group 

There are two types of group used in Linux 

1 - Primary Group 

2 - Supplementary groups or Secondary Group  

Managing Local User Accounts 

UID ranges

• UID 0 is always assigned to the superuser account, root.

• UID 1-200 is a range of "system users" assigned statically to system processes by Red Hat.

• UID 201-999 is a range of "system users" used by system processes that do not own files onthe file system. They are typically assigned dynamically from the available pool when thesoftware that needs them is installed. Programs run as these "unprivileged" system users inorder to limit their access to just the resources they need to function.

• UID 1000+ is the range available for assignment to regular users. 

* To create user  

#useradd username 

 

* To set password to a user 

#passwd username 

 

* To create user with specific UID 

#useradd -u 1010 username 

 

* To create a user with specific group "supplementary groups" , shell and user with single command 

#useradd  -G groupname  -s /sbin/nologin -u 1010  username 

 

* To create user with user description 

#useradd   -c  "IT Department"   username 

 

* To create a user with specific expiry date 

#useradd -e 2024-12-31  username 

* To create a system user 

#useradd -r  username 

 

* To create a user without home Directory 

#useradd -M username 

 

* To create a user  with specific home directory on different location 

#useradd -d /opt/username  username 

 

Options:

  -b, --base-dir BASE_DIR       base directory for the home directory of the

                                new account

  -c, --comment COMMENT         GECOS field of the new account

  -d, --home-dir HOME_DIR       home directory of the new account

  -D, --defaults                print or change default useradd configuration

  -e, --expiredate EXPIRE_DATE  expiration date of the new account

  -f, --inactive INACTIVE       password inactivity period of the new account

  -g, --gid GROUP               name or ID of the primary group of the new

                                account

  -G, --groups GROUPS           list of supplementary groups of the new

                                account

  -h, --help                    display this help message and exit

  -k, --skel SKEL_DIR           use this alternative skeleton directory

  -K, --key KEY=VALUE           override /etc/login.defs defaults

  -l, --no-log-init             do not add the user to the lastlog and

                                faillog databases

  -m, --create-home             create the user's home directory

  -M, --no-create-home          do not create the user's home directory

  -N, --no-user-group           do not create a group with the same name as

                                the user

  -o, --non-unique              allow to create users with duplicate

                                (non-unique) UID

  -p, --password PASSWORD       encrypted password of the new account

  -r, --system                  create a system account

  -R, --root CHROOT_DIR         directory to chroot into

  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files

  -s, --shell SHELL             login shell of the new account

  -u, --uid UID                 user ID of the new account

  -U, --user-group              create a group with the same name as the user

  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping

Managing Local Groups 

1. Basic Group Creation:

   

#groupadd mygroup

 

This command creates a new group named "mygroup."

2. Specify GID (Group ID):

  

#groupadd -g 1001 mygroup

   This command creates a group with the name "mygroup" and specifies the Group ID as 1001. You can replace 1001 with the desired Group ID.

3. Add System Group:

   

#groupadd -r  mygroup 

   

   This creates a system group ("-r" option) .

4. Add Description to Group:

   

#groupadd -r -g 1001 -f "My important group" mygroup 

   

   This creates a system group ("-r" option) with a specific Group ID and a description.

5. Display Group Information:

   

#grep mygroup /etc/group 

 

   After creating the group, you can use `grep` to display group information from the `/etc/group` file.

Remember to replace "mygroup" and the Group ID with your preferred group name and ID. 

Modification of  Local User and group Accounts 

A : Modification of  Local User

The usermod and userdel command in Linux is used to modify user account attributes. Here are some examples:

1. Change User's Home Directory:

   

#usermod -d /path/to/new/home username 

 

2. Change User's password :

   

#passwd  username 

    

3. Change User's Login Name:

   

#usermod -l newusername oldusername 

    

4. Add User to Additional Groups:

   

#usermod -aG group1,group2 username 

    

5. Change User's Shell:

   

 

#usermod -s /path/to/new/shell username 

    

6. Lock/Unlock User Account:

   - Lock:

     

#usermod -L username 

      

   - Unlock:
     

#usermod -U username 

      

7. Set User's Expiry Date:

   

#usermod -e YYYY-MM-DD username 

    

8. Remove User Expiry Date:

   

#usermod -e -1 username 

    

9. Change User's UID (User ID):

   

 

#usermod -u newUID username 

    

10. Delete User Account (Keep Home Directory):

   

   

#userdel username 

 

11. Delete User Account and Home Directory:

      

#userdel -r username 

   The `-r` option removes the user's home directory along with the user account.

12. Force Removal (Even if User is Logged In):

   

#userdel -f username 

 Use this with caution, as it forcefully removes the user, even if they are logged in.

13. Remove Only User's Home Directory:

   

      

#rm -r /home/username 

 

   This is a separate step if you want to keep the user account but remove the home directory manually.

Remember to replace placeholders like `username`, `group1`, `group2`, etc., with your actual usernames and group names. Always double-check your changes to avoid accidental misconfigurations.

B: Modification of  Local Groups

The `groupmod` command in Linux is used to modify group attributes. Here are some examples:

1. Change Group Name:

   

#groupmod -n newgroupname oldgroupname

 

2. Set Password on Group:

   

#gpasswd  groupname

 

3. Change Group GID (Group ID):

   

   

#groupmod -g newGID groupname 

 

4. Add User to Group:

   

     

#usermod -aG newgroupname username 

 

5. Remove User from Group:

  

#gpasswd -d username groupname 

 

6. Change Group Password:

   

#groupmod -p newpassword groupname 

 

Remember to replace placeholders like `newgroupname`, `oldgroupname`, `username`, etc., with your actual group names and usernames. Always double-check your changes to avoid accidental misconfigurations.

C: Managing password expiry of user

The `chage` command in Linux is used to change user password expiry information. Here are some examples:

1. **View Password Expiry Information:**

           

#chage -l username 

 

  This command displays detailed information about the password aging for the specified user.

2. Set Maximum Number of Days between Password Changes:

           

#chage -M 60 username

 

   This example sets the maximum number of days between password changes to 60 for the specified user.

3. Set Password Expiry Date:

          

#chage -E YYYY-MM-DD username 

 

   This example sets the password expiry date for the specified user.

4. Force Password Change on Next Login:

   

           

#chage -d 0 username

 

   This example forces the user to change their password on the next login.

5. Disable Password Expiry:

        

#chage -M -1 username 

    This example disables Account expiry for the specified user.

6. Disable Account Expiry:

  

#chage -E -1 username 

 

   This example disables Account expiry for the specified user.

Remember to replace `username` with the actual username you want to modify. The `chage` command provides flexibility in managing password aging and expiry policies for user accounts on Linux systems.

D : Creating Super User (sudo user) 

To create a superuser (sudo user) in Red Hat 8 or similar distributions, you can follow these steps:

1. Create a New User:

        

#useradd superusername 

#passwd  superusername

 

   Replace `superusername ` with the desired username for the new sudo user. 

2. Add the User to the sudo Group:

   

#usermod -aG wheel superusername 

 

   This command adds the user to the `wheel` group, which is typically configured to have sudo privileges.

3. Verify sudo Access:

   Switch to the new user and try running a command with sudo to verify access.

       

#su - superusername
$sudo some_command

 

   Replace `some_command` with the actual command you want to run with sudo.

Note : You can also create sudo user by editing in sudoers file like

  

#vim /etc/sudoers 

superusername    ALL=(ALL)       ALL

 

save the file 

* If you wanted password less sudo user make entry like this 

#vim /etc/sudoers 

superusername    ALL=(ALL)      NOPASSWD: ALL

 

save the file 

   

#su - superusername
$sudo some_command

 

Now, the newly created user should have sudo privileges on your

Red Hat 8 system. Remember to replace `superusername ` with the chosen username for your new sudo user.