Granting SUDO access to a local user account in RHE

Views:
 
Category: Entertainment
     
 

Presentation Description

No description available.

Comments

Presentation Transcript

slide 1:

LinuxTechLab.com Granting SUDO access to a local user account in RHEL/CentOS Originally published on LinuxTechLab.com

slide 2:

It has always been advised that use of ‘root’ account should be limited as root has access to anything everything on a Linux system. And also sharing root password to a number of users is clearly a security threat but use of root’s administrative right might be necessity in some cases. So we can provide some trusted users with sudo access/administrative rights without actually sharing root’s password with them. After they are given the access trusted users can then run any command prefixed with ‘sudo’ will then be prompted for a password. Once authenticated command is executed as if it has been executed by root account. There are two things that we do to configure administrative access to users • If having a number of users that require administrative privileges we can add them all to an already created administrative group named “wheel” • Or if administrative rights are only needed for a single user than we can only create any entry for that user. Administrative access to number of users Firstly if not already created add all the users that require sudo/admin access user add dan assign them password passwd dan Once all the users have been added we will now edit /etc/sudoers file. Sudoers file is define policies applied to ‘sudo’. To edit the file run visudo This will open the file /etc/sudoers we now need to find section that contains ‘wheel’ group. Allows people in group wheel to run all commands wheel ALLALL ALL Search for ‘wheel’ uncomment the line by removing ‘’ its commented by default. Save then exit the file after editing it. Now we will add all our users to group ‘wheel’.

slide 3:

To add a user to group ‘wheel’ run usermod -aG wheel dan Similarly add other users as well. Now all the added users have administrative privileges To check log in as a local user run any command with adding sudo before command su dan sudo systemctl restart network You will be presented with the following output on the screen enter the password for user command will be executed. We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: 1 Respect the privacy of others. 2 Think before you type. 3 With great power comes great responsibility. sudo password for dan: Adding only a single user To add only a single user with administrative rights open ‘/etc/sudoers’ file make an entry for the user visudo add the following line at the bottom of the file dan ALLALL ALL Save exit the file. User ‘dan’ now has administrative rights. You can check the user’s right by using the same process as we used above. If you think we have helped you or just want to support us please consider these :- Connect to us: Facebook | Twitter | Google Plus LinuxTechLab.com

authorStream Live Help