How to grant root level access to non root user
Dear Guys,
I am using CentOS 5.5 and need to create multiple OS users who should have root level access to administer the system. How can I achieve that? I was trying to implement it using /etc/sudoers but in that case if a user executes sudo su - then it turns to be a root user without giving 'root' password. Please help me to implement the same. |
add the user in wheel group
Code:
#vi /etc/group Code:
#vi /etc/sudoers |
Hi,
I'm not quite sure what you are trying to achieve. You want to give these users root power but not give them root power? If you there is a set of specific commands that you want them to be able to run as root, then you can achieve that using sudo. Eg if you want to allow "fred" to run yum and rpm, but do nothing else with root permissions, then you could use something like the following in your /etc/sudoers Code:
fred ALL = PASSWD: /usr/bin/yum, /bin/rpm HTH, Evo2. ---------- Post added 2012-02-28 at 16:00 ---------- Hi, I'm not quite sure what you are trying to achieve. You want to give these users root power but not give them root power? If you there is a set of specific commands that you want them to be able to run as root, then you can achieve that using sudo. Eg if you want to allow "fred" to run yum and rpm, but do nothing else with root permissions, then you could use something like the following in your /etc/sudoers Code:
fred ALL = PASSWD: /usr/bin/yum, /bin/rpm HTH, Evo2. |
Code:
sudo -s |
Dear Deee27ak,
Quote:
|
Quote:
It may be that we are misunderstanding you, please elaborate what exactly you are trying to achieve. |
If you are giving root privilege to user it means he/she will act as a root but if you want to give limited authentication for running few commands then you can follow evo2 guidelines and specify the passwords which your user can use using sudo. In that case he wont be allowed to login as root
|
Quote:
"sudo su -" is evil. |
<moderated>
|
I really think you should point out that is a joke...
|
@U+221E: not a great introduction for a first time poster! Joke or not (as Chris pointed out) this is not the kind of answers expected here at LinuxQuestions. There are a lot of newbies around here that could take seriously your suggestion and compromise their system security. They deserve a wiser guidance, instead. Please refrain from posting such rubbish in the future. Thanks.
|
Dear Guys,
Thanks for guiding me and making me to learn user management in linux. Can you please let me know how can I restrict users to use sudosh so that I can log each and every activity of user being logged in. |
Well, as it says here http://linux.die.net/man/1/sudosh
[quote] sudosh can be used as a default login shell ... [/code] so use usermod http://linux.die.net/man/8/usermod to change his shell to that. |
Dear Chris01,
I have installed sudosh-1.8.2-2.el5.rf.x86_64 rpm and edited user as 'usermod -s sudosh test' but test user is unable to login as 'Access Denied' message keep coming until i executed 'usermod -s /bin/sh test'. Also it doesn't created /var/log/sudosh directory. Can you please assist? |
Hi,
for one thing I'm pretty sure you'll need to specify the full path to sudosh in the usermod call. Eg Code:
usermod -s /bin/sudosh test |
All times are GMT -5. The time now is 05:00 AM. |