Performing server administration as a non-root user is a best practice. For security, your first task when deploying an Arch Linux instance at Vultr is to create a non-root user with sudo access.
This guide should apply to any recently updated version of Arch Linux.
As sudo is not included as part of the base installation, it will need to be installed. If you haven't done an update for a while, remember to update your local repository databases first.
# pacman --sync sudo
Create a new user account with the
# useradd --create-home example_user
Set a strong password for the new user with the
# passwd example_user
Add the new user to the wheel group with the
# usermod --append --groups wheel example_user
Edit the sudoers file with the
Look for the wheel group in the 'User privilege specification' section at the bottom of the file. Remove the comment from the beginning of the line, so this it looks like this:
## Uncomment to allow members of group wheel to execute any command %wheel ALL=(ALL) ALL
Save and exit visudo. Type ESC, then :WQ (lowercase), then ENTER.
📝 Note: The visudo utility performs syntax checking before committing your edits to the file. A malformed sudoers file can break your system. Never edit /etc/sudoers directly. For example, if you make an error, you'll see this when exiting visudo.
visudo: >>> /etc/sudoers: syntax error near line 64 <<< What now? Options are: (e)dit sudoers file again e(x)it without saving changes to sudoers file (Q)uit and save changes to sudoers file (DANGER!)
Switch to the new user.
# su - example_user
Verify you are the new user with
whoami, then test sudo access with
sudo whoami, which should return root.
$ whoami example_user $ sudo whoami We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for example_user: root
The new user account is ready to use. As a best practice, use this sudo user for server administration. You should avoid using root for maintenance tasks.