It is easy, and very important topic: the creation of different users who have accesses with different privileges. Even though the root user is the superuser who has all the privileges within the system, it is a risk to start client services with root, since the user could start or kill services that could compromise the security of the system.
However, it is necessary to use the root user to create the users, at least the second user within the system. Another option is to create the user from some other superuser (via su) or by typing sudo before each command. When creating a user, it is necessary to define a name and password by means of the following command:
useradd -m -G sales john
In this example we create the user juan, add it to the sales group (with the -G option) and create its directory (which will be /home/john)
To add a password, the following command is sufficient, where we add the password and its confirmation.
To create a user and add it to a group, it is important to have previously created the group, if it has not been done, it is sufficient to execute the following command with the name of the group:
How to make my user a superuser
To make a superuser, it must belong to the root group, which must be assigned from the creation of the user, or by adding it like this:
usermod -aG sudo john
Where juan will be part of the sudo group (For Ubuntu distributions). If using a CentOS or derived distribution, the wheel group is used:
usermod -aG wheel username
And after adding the user as superuser, we test it by accessing superuser mode like so:
su - john
Or by accessing any command with superuser when using sudo:
And entering the password of the superuser user.
How to see the existing users and groups on my server?
As superuser you can see the users with the users command and the groups with the groups command. The group information is stored in the /etc/group file and the users information, as well as their home directories are located in /etc/passwd, however if the passwords are encrypted, they are stored in the file /etc/shadow.