On Fri, May 10, 2002 at 08:15:58AM +0800, [EMAIL PROTECTED] wrote: > > Does anybody know how to make a user account which can do any root > > account can do? Specifically can restart services. > What your trying to ask is about granting to a particular user, have > capability also to add user like root, not giving him the root access right? > change UID of that particular like as a root @ /etc/passwd
Hmmm. Note that this is a Very Bad Thing to do. There's a reason why there should be only one root account - to prevent catastrophies from happening. Picture these scenarios: - You meant to type rm -rf ~/, but instead you typed rm -rf ~ / - You install an innocent-looking piece of software that actually conceals code to send sensitive data over the network or to participate in a mass denial of service attack. - You mess up some way or another. It _will_ happen. If you're a normal user, you'll get stopped when you try to do something you don't have permissions for. If you're root, the system assumes you know what you're doing, and will merrily go ahead and render your system completely unusable. sudo, su, and other superuser tools help you be more careful when you do things that need superuser access. They force you to consciously decide to become root. sudo in particular is noteworthy in that you don't even need to know root's password - you just have to be in the authorized list. Giving your root password to other people is insane unless you can absolutely trust them. Forget about sending your root password over the Net - that's like an invitation to use your box for nefarious purposes. Remember - you should feel responsible for what your computer does. If your computer is used to compromise or attack others, you aren't completely innocent. SO: Giving yourself UID 0 is a kludge, but a dangerous kludge. It's the easy way out, sure, but it's just... so... _wrong._ =) Sacha 8) _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
