Add Admin User

[1] Create an admin user.
[root@dlp ~]#

useradd fermi

[root@dlp ~]#

passwd fermi

Changing password for user fermi.
New UNIX password:

# set password

Retype new UNIX password:

# Confirm

passwd: all authentication tokens updated successfully.
[root@dlp ~]#

# logout
[2] Try to switch to a user that was added above.
dlp login:

fermi
# input user name

password:

# password

[fermi@dlp ~]$

su
# switch to root

Password:

# root password

[root@dlp ~]#

# just switched to root
[3] Make a user (it’s ‘fermi’ in this example) be only a user who can switch to root as an administration user.
[root@dlp ~]#

vi /etc/group
# line 11: add user name

wheel:x:10:root

,fermi

[root@dlp ~]#

vi /etc/pam.d/su

#%PAM-1.0
auth

sufficient
pam_rootok.so

# Uncomment the following line to implicitly trust users in the “wheel” group.
#auth

sufficient
pam_wheel.so trust use_uid

# Uncomment the following line to require a user to be in the “wheel” group.

# uncomment the following line

auth

required
pam_wheel.so use_uid

auth

include
system-auth

account

sufficient
pam_succeed_if.so uid = 0 use_uid quiet

account

include
system-auth

password

include
system-auth

session

include
system-auth

session

optional
pam_xauth.so
Forwarding email for root to administration user
[4] Configure that forwarding emails for root to administration user you set above.

[root@dlp ~]#

vi /etc/aliases

# Person who should get root’s mail

# last line: uncomment and change to a user

root:

fermi

[root@dlp ~]#

# Configuration change
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s