
2010-05-24 18:02:30

Let's begin by checking the 'root' user account.

1. Check the user ID of the 'root' user account:
[root@fedora ~]# id root
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)

Explanation of the command output:

A. uid=0(root) The user ID of the 'root' user is 0.
B. gid=0(root) The group ID of the 'root' user is 0.
C. groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) The 'root' user belongs to the groups root, bin, daemon, sys, adm, disk and wheel.

2. Now we take a look at the passwd, shadow and group files that contain ‘root’ user information:

[root@fedora ~]# less /etc/passwd
root:x:0:0:root:/root:/bin/bash
[root@fedora ~]# less /etc/shadow
root:$1$B2BEWv4X$Gb.QPb6I3RwCkEkz13ow21:13080:0:99999:7:::
[root@fedora ~]# less /etc/group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
disk:x:6:root
wheel:x:10:root

From the information gathered above, to create a user that has the same power (superuser power) as the 'root' user on a Linux system, we need to create a user with the same uid, gid and groups as the root user.

3. To create a user account that has the same ability (superuser) as the 'root' user, issue this command:
[root@fedora ~]# adduser -u 0 -o -g 0 -G 0,1,2,3,4,6,10 -M root2
Adduser command explanations:
adduser: The Linux adduser command, used to create a new user account or to update default new user information.
-u 0 -o: Set the value of the user ID to 0; -o allows the non-unique (duplicate) UID.
-g 0: Set the initial group number or name to 0.
-G 0,1,2,3,4,6,10: Set the supplementary groups to:
    0 = root
    1 = bin
    2 = daemon
    3 = sys
    4 = adm
    6 = disk
    10 = wheel
-M: The home directory is not created for the user.
root2: User name of the new user account.

Note: you need administrative privileges on the system in order to issue the 'adduser' command above.

4. Now set a password for user 'root2' by issuing the 'passwd root2' command, see the example below:

[root@fedora ~]# passwd root2
Changing password for user root2.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

Note: you need administrative privileges on the system in order to issue the 'passwd' command above.

5. Check the ID of user root2 by issuing the 'id root2' command, see the example below:
[root@fedora ~]# id root2
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)

6. Now recheck the passwd, shadow and group files that contain the 'root2' user information to confirm the changes:
[root@fedora ~]# less /etc/passwd
root:x:0:0:root:/root:/bin/bash
root2:x:0:0::/home/root2:/bin/bash

[root@fedora ~]# less /etc/shadow
root:$1$B2BRWv4X$Gb.MPc6I3RwCkEkT13ow21:13080:0:99999:7:::
root2:$1$bQHGH4cX$TtsV/WVdFe5cIsHWjzc.N1:13112:0:99999:7:::

[root@fedora ~]# less /etc/group
root:x:0:root,root2
bin:x:1:root,bin,daemon,root2
daemon:x:2:root,bin,daemon,root2
sys:x:3:root,bin,adm,root2
adm:x:4:root,adm,daemon,root2
disk:x:6:root,root2
wheel:x:10:root,root2

7. Everything should be OK. Now try to log in to the system with the newly created 'root2' account, see the example:

login as: root2
root2@10.7.0.211's password:
Last login: Thu Nov 24 23:48:49 2005 from 10.7.0.112
Could not chdir to home directory /home/root2: No such file or directory

-bash-3.00#

-bash-3.00#

-bash-3.00# su -

[root@fedora ~]#

8. Make sure that you execute the su command with a hyphen ( su - ) to get the PATH of the user that you become. Below is an example of the su command with and without the hyphen.

Log in as user tenouk, then enter $PATH at the prompt as in the example below (the shell's error message shows the value of PATH).
[tenouk@fedora ~]$ $PATH
-bash: /usr/lib/qt-3.3/bin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/home/tenouk/bin: No such file or directory

[tenouk@tenouk ~]$

Use the su command to change to the root user and then enter $PATH again, as in the example below.

[tenouk@fedora ~]$ su root
Password:
[root@fedora tenouk]# $PATH

bash: /usr/kerberos/sbin:/usr/lib/qt-3.3/bin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/home/tenouk/bin: No such file or directory

[root@fedora tenouk]#

Then try the su - command and verify with $PATH, as in the example below.
[root@tenouk tenouk]# su - root
[root@tenouk ~]# $PATH

-bash: /usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin: No such file or directory

[root@tenouk ~]#

Note: When you execute the su command without the hyphen ( - ), you inherit the PATH of the current user. Use the su command with the hyphen ( su - ) to get the default PATH of the root user.

The step-by-step procedure above was tested on:
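
An audit check for the state that steps 3 to 6 leave behind, added here as an example and not part of the original post: because 'id root2' reports uid=0(root), the check works on account names in the passwd and group files instead. The function names, the 'tenouk' and 'users' sample lines and the temporary files are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): find UID 0 clones such as 'root2'.

# List accounts other than 'root' whose UID field (3rd field) is 0.
# $1: passwd-format file (defaults to /etc/passwd)
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "${1:-/etc/passwd}"
}

# List the groups that name the given account as a member.
# $1: account name, $2: group-format file (defaults to /etc/group)
groups_listing() {
    awk -F: -v who="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == who) { print $1; break }
    }' "${2:-/etc/group}"
}

# Constructed sample data modelled on the step 6 output above.
sample_passwd() {
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/bash' \
        'root2:x:0:0::/home/root2:/bin/bash' \
        'tenouk:x:500:500::/home/tenouk:/bin/bash'
}
sample_group() {
    printf '%s\n' \
        'root:x:0:root,root2' \
        'bin:x:1:root,bin,daemon,root2' \
        'disk:x:6:root,root2' \
        'wheel:x:10:root,root2' \
        'users:x:100:tenouk'
}

# Demo: run the audit over the sample files and report each finding.
tmp=$(mktemp -d)
sample_passwd > "$tmp/passwd"
sample_group > "$tmp/group"
for acct in $(extra_uid0_accounts "$tmp/passwd"); do
    echo "ALERT: '$acct' has UID 0; member of:" \
         $(groups_listing "$acct" "$tmp/group")
done
rm -rf "$tmp"
```

Called without a file argument, both functions read the live /etc/passwd and /etc/group.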
Operating System: GNU/Linux Fedora Core 4
Kernel Name: Linux
Kernel Release: 2.6.11-1.1369_FC4
Kernel Version: #1 Thu Jun 2 22:55:56 EDT 2005
Machine Hardware: i686
Machine Processor: i686
Hardware Platform: i386
Shell: GNU bash, version 3.00.16(1)-release (i386-redhat-linux-gnu)
Installation Type: Full Installation (Custom)
SELinux: Disable