Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd, 2017 please sign up again. Thanks!

  1. Follow us on twitter - we shoot all of our new original content out as well as random messages. https://twitter.com/linuxdotorg
    Dismiss Notice

secondary super user

Discussion in 'General Linux' started by Alicelinux, Oct 5, 2018.

  1. Alicelinux

    Alicelinux New Member

    Joined:
    Sep 23, 2018
    Messages:
    23
    Likes Received:
    0
    we already have root account, we want to create another root user , by using user add command, it will create a normal user, then we change group to root,

    is there a simple step we can directly create another super user by using user add? ,


    (Log in to hide this advertisement)

     
  2. arochester

    arochester Moderator
    Staff Member Gold Supporter

    Joined:
    Apr 25, 2017
    Messages:
    421
    Likes Received:
    472
    Do you use sudo already?

    AS ROOT the command in the Terminal is

    Code:
    usermod -a -G sudo <username>
    Replace <username> with the username to which you want to grant sudo access.

    Now logout & login to get sudo access to those users.
     
    CptCharis likes this.
  3. JasKinasis

    JasKinasis Well-Known Member

    Joined:
    Apr 25, 2017
    Messages:
    332
    Likes Received:
    642
    I agree with arochester.
    Any users requiring root permissions should be added to the sudo group.

    Additionally, the actual root account itself should be disabled - that should help prevent unauthorized users (like your hacker nuisances ) from being able to directly access the root account.

    Also there are other measures like: disabling root login for SSH connections, using cryptographic keys for SSH connections instead of a password based login. That would also help keep hackers at bay.

    See here:
    https://access.redhat.com/documenta...rity_Guide/s2-wstation-privileges-noroot.html
     
    CptCharis likes this.
  4. Alicelinux

    Alicelinux New Member

    Joined:
    Sep 23, 2018
    Messages:
    23
    Likes Received:
    0
    no, I want second root, not through sudo, i want another root, for example xyz with uid=0, group id=0, root group
     
  5. JasKinasis

    JasKinasis Well-Known Member

    Joined:
    Apr 25, 2017
    Messages:
    332
    Likes Received:
    642
    AFAIK, there can be only one root user. Adding an ordinary user and adding them to the sudo group is one way of allowing a user to access root privileges. I don't know what the effect of adding them to the root group would be.

    If you're worried about the root account being compromised, you could try resetting the password for the root account. Then create a user with sudo privileges and use that account to disable the root account and then perhaps limit the permissions of the rogue account you spotted, or simply remove it altogether, if you haven't already!
     
  6. Alicelinux

    Alicelinux New Member

    Joined:
    Sep 23, 2018
    Messages:
    23
    Likes Received:
    0
    thanks, but the point is if i add one user abc, password 1234 and use
    usermod -a -G sudo abc, but user abc don't know root password, he can't have root priviliedges, my goal is to let user abc to have all root priviledges without knowing root password
     
  7. wizardfromoz

    wizardfromoz Super Moderator
    Staff Member Gold Supporter

    Joined:
    Apr 30, 2017
    Messages:
    2,308
    Likes Received:
    1,999
    Can you not do something like?:

    in /etc/sudoers

    Code:
    %group ALL=(ALL) NOPASSWD: ALL
    
    #or
    
    youruser ALL=(ALL) NOPASSWD: ALL
    ... or am I missing the plot?

    Wizard
     
    CptCharis likes this.

Share This Page