2014/07/08
|
| [1] | Add an User "cent" as an example below. |
| [root@dlp ~]#
useradd cent
[root@dlp ~]#
passwd cent
Changing password for user cent. New UNIX password:
# set password
Retype new UNIX password:
# confirm
passwd: all authentication tokens updated successfully. [root@dlp ~]#
# logout
|
| [2] | Try to switch to a user that was added above. |
| dlp login:
cent
# input user name
password:
# password
[cent@dlp ~]$
su -
# switch to root
Password:
# root password
[root@dlp ~]#
# just switched to root
|
| [3] | Make a user be only a user who can switch to root as an administration user. (it's 'cent' in this example) |
| [root@dlp ~]#
usermod -G wheel cent
[root@dlp ~]#
vi /etc/pam.d/su
#%PAM-1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group.
# uncomment the following line
auth required pam_wheel.so use_uid auth substack system-auth auth include postlogin account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system-auth password include system-auth session include system-auth session include postlogin session optional pam_xauth.so |
| [4] | To forward to emails for root user to another user, set like follows. (it's 'cent' in this example) |
[root@dlp ~]#
vi /etc/aliases
# Person who should get root's mail
[root@dlp ~]#
# last line: uncomment and change to a user
root:
cent
# reload
|
Nenhum comentário:
Postar um comentário