LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-08-2009, 02:41 PM   #1
sultf
LQ Newbie
 
Registered: Jan 2009
Posts: 6

Rep: Reputation: 0
How do I enforce in Red hat linux that only root user be a member of the "root" group


I don't want any other user to be part of "root" group except user root.
 
Old 01-08-2009, 03:50 PM   #2
alan_ri
Senior Member
 
Registered: Dec 2007
Location: Croatia
Distribution: Debian GNU/Linux
Posts: 1,733
Blog Entries: 5

Rep: Reputation: 127Reputation: 127
First backup your /etc/group file with;
Quote:
cp /etc/group /etc/group.SAVE
from the terminal,then open /etc/group file with the text editor.The first line will be root's group,just delete any user you don't want it there and save the file.
For example,my line looks lke this;
Quote:
root:x:0:root,alan
so if I want only root to be in that group then I would delete alan and the , and then I would save that file.Done.
 
Old 01-08-2009, 04:09 PM   #3
sultf
LQ Newbie
 
Registered: Jan 2009
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks for the reply. But, I don't want anybody to add a user under the root group. e.g If somebody tries to add user by issuing the following cmd, he/she should not succeed.

useradd -g root -p mypasswd myuser
 
Old 01-08-2009, 04:19 PM   #4
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,474

Rep: Reputation: 155Reputation: 155
Red Hat installs by default to not allow a user to issue the useradd command. They could only do so on your system if you have changed the default configuration.

-----------------------
Steve Stites
 
Old 01-08-2009, 04:42 PM   #5
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 163Reputation: 163
Quote:
Originally Posted by sultf View Post
I don't want any other user to be part of "root" group except user root.
Only root and people allowed to sudo/su would be able to addusers. In neither case are you going to be able to prevent them from adding themselves or other accounts to the root group. You would also need to remove sudo and su access at which point they can't add users or change the groups file.

PS- Secondary thought: Check the perms on your /etc/group file... should be something like 644 (-rw-r--r--)... make sure its not world writable basically.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH Keybased authentication for "root" user on linux. adastane Linux - Networking 2 12-13-2007 03:57 AM
Root user bash shell look like "bash-2.05b#" and /root empty y2pk001 Linux - Security 6 03-22-2007 08:33 PM
Adding an AD authenticated user to the "wheel" group on Red Hat ES kram82 Linux - Security 3 06-22-2006 07:50 AM
Postgresql error FATAL: user "root" does not exist" cgetty Ubuntu 4 06-21-2005 02:11 PM


All times are GMT -5. The time now is 03:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration