Interested to Buy Any Domain ? << Click Here >> for more details...
How to give the root permision to users?
- 3 Answers
- 11092 Views
- Wipro, I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / amsin21
The sudo command stands for "superuser do". If a server
needs to be administered by a number of people it is
normally not a good idea for them all to use the root
account. This is because it becomes difficult to determine
exactly who did what, when and where if everyone logs in
with the same credentials. The sudo utility was designed to
overcome this difficulty.
The sudo utility allows users defined in the /etc/sudoers
configuration file to have temporary access to run commands
they would not normally be able to due to file permission
restrictions. The commands can be run as user "root" or as
any other user defined in the /etc/sudoers configuration file.
The privileged command you want to run must first begin with
the word sudo followed by the command's regular syntax. When
running the command with the sudo prefix, you will be
prompted for your regular password before it is executed.
You may run other privileged commands using sudo within a
five-minute period without being re-prompted for a password.
All commands run as sudo are logged in the log file
/var/log/messages.
In order to use sudo we first need to configure the sudoers
file.
Do not edit directly the file:
To edit it, use the command
# visudo
******Output***************
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
**********************************************
You will see the line
root ALL=(ALL) ALL
This lines means that the user root can execute from ALL
terminals, acting as ALL (any) users, and run ALL (any) command.
The first part is the user, the second is the terminal from
where the user can use sudo, the third is as which user he
may act, and the last one, is which commands he may run.
Example:
Granting Access To Specific Users To Specific Files
---------------------------------------------------
amsin21, %operator ALL= /sbin/, /usr/sbin,
/usr/local/apps/check.pl
This entry allows user amsin21 and all the members of the
group operator to gain access to all the program files in
the /sbin and /usr/sbin directories, plus the privilege of
running the command /usr/local/apps/check.pl. Notice how the
trailing slash (/) is required to specify a directory location:
Granting Access to Specific Files as Another User
-------------------------------------------------
The sudo -u entry allows allows you to execute a command as
if you were another user, but first you have to be granted
this privilege in the sudoers file.
This feature can be convenient for programmers who sometimes
need to kill processes related to projects they are working
on. For example, programmer amsin21 is on the team
developing a financial package that runs a program called
monthend as user accounts. From time to time the application
fails, requiring "amsin21" to stop it with the /bin/kill,
/usr/bin/kill or /usr/bin/pkill commands but only as user
"accounts". The sudoers entry would look like this:
amsin21 ALL=(accounts) /bin/kill, /usr/bin/kill, /usr/bin/pkill
User amsin21 is allowed to stop the monthend process with
this command:
# sudo -u accounts pkill monthend
Granting Access Without Needing Passwords
-----------------------------------------
This example allows all users in the group operator to
execute all the commands in the /sbin directory without the
need for entering a password. This has the added advantage
of being more convenient to the user:
%operator ALL= NOPASSWD: /sbin/
Using Aliases in the sudoers File
---------------------------------
Sometimes you'll need to assign random groupings of users
from various departments very similar sets of privileges.
The sudoers file allows users to be grouped according to
function with the group and then being assigned a nickname
or alias which is used throughout the rest of the file.
Groupings of commands can also be assigned aliases too.
In the next example, users amsin21, amsin211 and amsin212
and all the users in the operator group are made part of the
user alias ADMINS. All the command shell programs are then
assigned to the command alias SHELLS. Users ADMINS are then
denied the option of running any SHELLS commands and su:
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, \
/usr/bin/ksh, /usr/local/bin/tcsh, \
/usr/bin/rsh, /usr/local/bin/zsh
User_Alias ADMINS = amsin21, amsin211, amsin212, %operator
ADMINS ALL = !/usr/bin/su, !SHELLS
This attempts to ensure that users don't permanently su to
become root, or enter command shells that bypass sudo's
command logging. It doesn't prevent them from copying the
files to other locations to be run. The advantage of this is
that it helps to create an audit trail, but the restrictions
can be enforced only as part of the company's overall
security policy.
| Is This Answer Correct ? | 11 Yes | 1 No |
Answer / susheel narayan singh hcl
if you want to create user as like root or root privilege
then -
# useradd -u 0 -g 0 -o susheel
| Is This Answer Correct ? | 2 Yes | 0 No |
Answer / manoj
same as above but it's more than we expect..
simply edit vi /etc/sudoers file
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
**********************************************
You will see the line
root ALL=(ALL) ALL
| Is This Answer Correct ? | 2 Yes | 1 No |
What will happen when we invoke a system call and say with an example of invoking a system call ?read? for a device?
how to create samba server in fedora linux 9 ?
if one of the critical section code (linked list) is under ISR & another one in kernel thread ? How you will synchronize for this critical section code ?
what is iptabe on redhat linux?
what is bus trap.
What is the Diffrent between Redhat linux And suse linux
what is the difference between user APIs and kernel system calls ?
what is nis server
1. Where the History file can be located? 2. How will you harden the server? 3. Diff between Raid 1 and Raid 5? 4. What is the largest disk size can be used in LVM? 5. How will you remove a PV from lvm without any data loss? 6. What is the diff between ext3 and ext2 File system? 7. How we can use resize2fs, what is the purpose? 8. What is the purpose of LVM? Why it is used? 9. If the FS is in read-only mode, so we cannot create any file. How will you fix it? 10. How to create swap partition after OS installation? 11. What is the diff between ssh and telnet? 12. How to find out the dependency required for a package?
diff b/w spinlock, seamaphores and mutex and where to use it.
What is the use of proc structure?
what is stored in /proc ? what is significance of /proc in linux ?
Linux Commands 
