Add a user
2013/12/18 |
[1] | Add a user for system administration. |
[root@localhost ~]# useradd fedora [root@localhost ~]# passwd fedora Changing password for user fedora. New UNIX password: # set password Retype new UNIX password: # confirm passwd: all authentication tokens updated successfully. [root@localhost ~]# # logout |
[2] | Try to switch to a user that was added above. |
dlp login: fedora # input user name password: # password [fedora@localhost ~]$ su - # switch to root Password: # root password [root@localhost ~]# # just switched to root |
[3] | Make a user be only a user who can switch to root as an administration user. (it's 'fedora' in this example) |
[root@localhost ~]# usermod -G wheel fedora
[root@localhost ~]#
vi /etc/pam.d/su #%PAM-1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. # uncomment the following line auth required pam_wheel.so use_uid auth substack system-auth auth include postlogin account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system-auth password include system-auth session include system-auth session include postlogin session optional pam_xauth.so |