LinuxQuestions.org


zaeem 02-28-2012 12:44 AM

How to grant root level access to non root user
 
Dear Guys,

I am using CentOS 5.5 and need to create multiple OS users who should have root level access to administer the system. How can I achieve that? I was trying to implement it using /etc/sudoers, but in that case if a user executes sudo su - then they become the root user without giving the 'root' password. Please help me to implement the same.

deep27ak 02-28-2012 12:54 AM

Add the user to the wheel group

Code:

#vi /etc/group
wheel:x:10:root,(username)

and mention the username in the sudoers file

Code:

#vi /etc/sudoers
(add this line)
username ALL=(ALL) ALL


evo2 02-28-2012 12:59 AM

Hi,

I'm not quite sure what you are trying to achieve. You want to give these users root power but not give them root power?

If there is a set of specific commands that you want them to be able to run as root, then you can achieve that using sudo.

Eg if you want to allow "fred" to run yum and rpm, but do nothing else with root permissions, then you could use something like the following in your /etc/sudoers

Code:

fred ALL = PASSWD: /usr/bin/yum, /bin/rpm

Check the sudoers man page and have a search for online tutorials for more information.

HTH,

Evo2.
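
The difference between the blanket `username ALL=(ALL) ALL` rule and the restricted fred rule above can be checked mechanically. This is an added example, not part of any post in this thread: the function name `audit_sudoers`, the verdict labels and every sample rule other than the username and fred lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify each user specification in a sudoers-format file.
#   FULL    - command list contains ALL (so "sudo su -" and "sudo -i" work)
#   SHELL   - list names su or a shell, which hands over a root shell anyway
#   LIMITED - only specific commands, as in the fred rule
# Simplifications (assumptions): one rule per line, no line continuations,
# aliases are not expanded.
audit_sudoers() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^[ \t]*(Defaults|[A-Za-z]+_Alias)/ { next }
    {
        eq = index($0, "=")
        if (eq == 0) next
        cmds = substr($0, eq + 1)
        gsub(/\([^)]*\)/, "", cmds)      # drop the Runas part, e.g. (ALL)
        gsub(/[A-Z_]+:/, "", cmds)       # drop tags such as PASSWD:
        verdict = "LIMITED"
        n = split(cmds, item, ",")
        for (i = 1; i <= n; i++) {
            c = item[i]
            gsub(/^[ \t]+|[ \t]+$/, "", c)
            if (c ~ /^!/) continue       # exclusions do not grant anything
            if (c == "ALL") { verdict = "FULL"; break }
            split(c, word, /[ \t]+/)
            base = word[1]; sub(/.*\//, "", base)
            if (base ~ /^(su|sh|bash|csh|tcsh|ksh|zsh)$/) verdict = "SHELL"
        }
        print $1 "\t" verdict
    }' "$@"
}

# Constructed sample; only the username and fred rules are from the thread.
sample_sudoers() {
    cat <<'EOF'
# constructed sample, not taken from a real host
Defaults    requiretty
%wheel   ALL=(ALL) ALL
username ALL=(ALL) ALL
fred ALL = PASSWD: /usr/bin/yum, /bin/rpm
ops  ALL = /sbin/service httpd restart, /bin/su -
bob  ALL = (ALL) ALL, !/bin/su
EOF
}

sample_sudoers | audit_sudoers
```

A LIMITED verdict only means no blanket or shell grant was found; each listed command still needs its own review. The bob rule is reported as FULL because the sudoers manual itself notes that subtracting commands from ALL with ! is generally not effective.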

eosbuddy 02-28-2012 01:36 AM

Code:

sudo -s

option gives root access.

zaeem 02-28-2012 05:23 AM

Dear deep27ak,

Quote:

Originally Posted by deep27ak (Post 4613759)
Add the user to the wheel group

Code:

#vi /etc/group
wheel:x:10:root,(username)

and mention the username in the sudoers file

Code:

#vi /etc/sudoers
(add this line)
username ALL=(ALL) ALL


I have implemented the same, but when the user types # sudo su and presses Enter, it logs in as root, as it shows root@localhost. I don't want the user to log in as root, but all root-level permissions should be allowed in the user's login. Is that possible?

TobiSGD 02-28-2012 05:30 AM

Quote:

Originally Posted by zaeem (Post 4613946)
I have implemented the same, but when the user types # sudo su and presses Enter, it logs in as root, as it shows root@localhost. I don't want the user to log in as root, but all root-level permissions should be allowed in the user's login. Is that possible?

That doesn't make sense at all. If you give root privileges to a user then the user can become whichever user he wants using su, including the root user. That is a part of having root privileges.
It may be that we are misunderstanding you, please elaborate what exactly you are trying to achieve.

deep27ak 02-28-2012 05:31 AM

If you are giving root privilege to a user, it means he/she will act as root, but if you want to give limited authentication for running a few commands then you can follow evo2's guidelines and specify the passwords which your user can use using sudo. In that case he won't be allowed to log in as root.

acid_kewpie 02-28-2012 05:57 AM

Quote:

Originally Posted by eosbuddy (Post 4613781)
Code:

sudo -s

option gives root access.

"sudo -i" is preferable as it provides a full root environment as well.

"sudo su -" is evil.

U+221E 02-29-2012 10:21 AM

<moderated>

chrism01 02-29-2012 11:27 PM

I really think you should point out that is a joke...

colucix 03-01-2012 09:31 AM

@U+221E: not a great introduction for a first time poster! Joke or not (as Chris pointed out), this is not the kind of answer expected here at LinuxQuestions. There are a lot of newbies around here that could take your suggestion seriously and compromise their system security. They deserve a wiser guidance, instead. Please refrain from posting such rubbish in the future. Thanks.

zaeem 03-06-2012 12:05 AM

Dear Guys,

Thanks for guiding me and helping me learn user management in Linux. Can you please let me know how I can restrict users to use sudosh, so that I can log each and every activity of a logged-in user?

chrism01 03-06-2012 12:10 AM

Well, as it says here http://linux.die.net/man/1/sudosh

Quote:

sudosh can be used as a default login shell ...

so use usermod http://linux.die.net/man/8/usermod to change his shell to that.

zaeem 03-06-2012 04:37 AM

Dear chrism01,

I have installed the sudosh-1.8.2-2.el5.rf.x86_64 rpm and edited the user with 'usermod -s sudosh test', but the test user was unable to log in, as the 'Access Denied' message kept coming until I executed 'usermod -s /bin/sh test'. Also, it didn't create the /var/log/sudosh directory. Can you please assist?

evo2 03-06-2012 04:52 AM

Hi,

For one thing, I'm pretty sure you'll need to specify the full path to sudosh in the usermod call. E.g.

Code:

usermod -s /bin/sudosh test

Evo2.
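
An added example, not part of the thread: a pre-flight check for the value passed to `usermod -s`, plus an audit of a passwd-format file for accounts left with an unusable shell, such as the bare name `sudosh` above. The function names are hypothetical, and the /etc/shells test is an assumption that goes beyond the thread (PAM's pam_shells module, where enabled, refuses shells not listed there).

```shell
#!/bin/sh
# Added example. Check a login-shell value before handing it to usermod -s.
# Prints a verdict and returns: 0 ok, 1 not an absolute path,
# 2 no executable file there, 3 not listed in the shells file.
check_login_shell() {
    shell=$1
    shells_file=${2:-/etc/shells}
    case $shell in
        /*) ;;
        *)  echo "REJECT $shell: not an absolute path"; return 1 ;;
    esac
    if [ ! -f "$shell" ] || [ ! -x "$shell" ]; then
        echo "REJECT $shell: no executable file at that path"; return 2
    fi
    if ! grep -qxF -- "$shell" "$shells_file" 2>/dev/null; then
        echo "REJECT $shell: not listed in $shells_file"; return 3
    fi
    echo "OK $shell"
}

# Audit mode: print "user: verdict" for every account in a passwd-format
# file whose shell field (the 7th) fails the check. Returns 1 if any did.
audit_passwd_shells() {
    bad=0
    while IFS=: read -r user pw uid gid gecos home sh; do
        verdict=$(check_login_shell "$sh" "$2") || {
            echo "$user: $verdict"
            bad=$((bad + 1))
        }
    done < "$1"
    [ "$bad" -eq 0 ]
}

# Values from the thread; the results depend on the host this runs on.
check_login_shell sudosh || true
check_login_shell /bin/sudosh || true
```

Running `audit_passwd_shells /etc/passwd` after a shell change shows at once whether any account was left with a value like the bare `sudosh` that locked out the test user.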


All times are GMT -5.