Give root privileges without giving root shell
If you have a team of Linux Sysadmins, and would like the team to have root privileges, but would not want to give a shell to them, this is what you need to do.
You will need to familiarise yourself with a package called sudo. Let's say you have a sysadmin named admin1.
All you need to do is:
Create an account for admin1 then edit the sudo configuration file called sudoers.
Create new user
# adduser admin1
Set the new users password
# passwd admin1
Change to etc folder
# cd /etc
Edit sudo config file
# vi sudoers
Add the lines below to sudoers
## Shell and SU
Cmnd_Alias NSHELLS = /bin/sh,/bin/bash
Cmnd_Alias NSU = /bin/su
admin1 ALL=(ALL) ALL
It is that simple. Does not take too long and now you can keep the root password separate and do not need to disclose it to other sys admins.
by Renato de Oliveira
No comments:
Post a Comment