Redhat7:privileges

From Define Wiki
Revision as of 11:08, 23 February 2015 by K mouza (talk | contribs) (→‎The SU Command)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

The SU Command

When the SU command is executed by a user they are asked for the root password. Once the password is given they are presented with the root shell.

Given the root prompt, the user becomes the root user and has all privileges of the root user. The root user hbas the authority to change users and settings across the system without requiring a password.

Given the level of access available from the root user, such rights should be restricted to specific users. The simplest way to achieve this is to add those users who should have access to a special group called 'wheel', and can be done using the user commands. 

usermod -G wheel <username>

After you add the desired users to the wheel group, it is advisable to only allow these specific users to use the su command. To do this, edit the PAM configuration file for su, /etc/pam.d/su. Open this file in a text editor and uncomment the following line by removing the # character: 

#auth           required        pam_wheel.so use_uid
Retrieved from "http://wiki.define-technology.com/mediawiki-1.35.0/index.php?title=Redhat7:privileges&oldid=6011"