|
Set Admin User
2013/05/06 |
| [1] | If you set root password and activated the root during installation, configure settings to limit users who switch to root. |
|
root@dlp:~# usermod -G adm wheezy
root@dlp:~#
vi /etc/pam.d/su # line 15: uncomment and add the follows auth required pam_wheel.so group=adm
|
| [2] | Try to switch to root from a user you set to allow. |
|
root@dlp:~# su - wheezy # switch to a user wheezy@dlp:~$ su - # switch to root Password: root@dlp:~# # normally done |
| [3] | Add a test user and try to confirm the user can not switch to root. |
|
root@dlp:~# adduser testuser # add test user Adding user `testuser' ... Adding new group `testuser' (1001) ... Adding new user `testuser' (1001) with group `testuser' ... Creating home directory `/home/testuser' ... Copying files from `/etc/skel' ... Enter new UNIX password: # set password Retype new UNIX password: # confirm passwd: password updated successfully Changing the user information for testuser Enter the new value, or press ENTER for the default Full Name []: testuser # input the name Room Number []: testuser # input any one Work Phone []: # input any one(it's Ok with empty) Home Phone []: # input any one(it's Ok with empty) Other []: # input any one(it's Ok with empty)
Is the information correct? [y/N]
root@dlp:~# y su - testuser # switch to the user testuser@dlp:~$ su - # switch to root Password: su: Permission denied testuser@dlp:~$ # normally access denied |