Saturday, 18 November 2017

Red Hat Linux 7 Super User Commaand

SU COMMAND (Super User)

When a user executes the su command, they are prompted for the root password and, after
authentication, they are given a root shell prompt.
Using the su command, the user is the root user and has absolute administrative access to the system. This access is still subject to the restrictions imposed by SELinux, if it is enabled. In addition, once a user has become root, it is possible for them to use the su command to change to any other user on the system without being prompted for a password. Because this program is so powerful, administrators within an organization may want to limit who has access to the command. One of the simplest ways to do this is to add users to the special administrative group called wheel. To do this, type the following command as root:
abc# usermod -a -G wheel username
In the previous command, replace username with the user name you want to add to the wheel group.
You can also use the Users settings tool to modify group memberships, as follows. You need
administrator privileges to perform this procedure.
1. Press the Super key to enter the Activities Overview, type Users and then press Enter. The
Users settings tool appears. The Super key appears in a variety of guises, depending on the
keyboard and other hardware, but often as either the Windows or Command key, and typically
to the left of the Spacebar.
2. To enable making changes, click the Unlock button, and enter a valid administrator password.
3. Click a user icon in the left column to display the user's properties in the right pane.
4. Change the Account Type from Standard to Administrator. This will add the user to the
wheel group.
After you add the desired users to the wheel group, it is advisable to only allow these specific users to use the su command. To do this, edit the Pluggable Authentication Module (PAM) configuration file for su, /etc/pam.d/su. Open this file in a text editor and uncomment the following line by removing the # character:
This change means that only members of the administrative group wheel can switch to another user
using the su command.
NOTE
The root user is part of the wheel group by default.


at

1 comment:

  1. Unknown19 January 2018 at 07:16

    Hi muhammad imran, which is last line to edit.. in /etc/pam.d/su file... you're mentioning this file in CentOS or RHEL7 right.. ?

    ReplyDelete

Subscribe to: Post Comments (Atom)