-----BEGIN PGP SIGNED MESSAGE-----
garyumc wrote:
>so, I followed yrs steps to change it as
>gary:x:0:0:Gary Tay:/home/gary:/bin/bash
>
>once I change it, I can't telnet in with this account, even I did update
>the account password, but still login failed.... then changed the
>following in /etc/group
>
>from "gary:x:500:root" to "gary:x:0:root"
>
>but still the same??? anything else that I need to change in order to
>give the root permission to user without doing "su -" and how can I give
>certain root's permission to user? like user1 can do normal admin work
>but can't reboot /shutdown server... so called admin work distribution...
Gary, the reason you can't telnet to that account is because UID 0
accounts can't connect directly via telnet, with good reason. Please
consider using ssh. Second, if you need to be able to frequently run
commands as root while logged in as gary, a much safer way to do that
is to use sudo. If you enter a line like this in sudoers (edit it by
running "visudo"):
gary ALL=(ALL) ALL
then you'll be able to do "sudo <command>" for any command you like,
with your password required only once every 5 minutes (or whatever
sudo's timeout is). Further, the use of sudo makes it possible to
delegate privileged tasks to specific usernames, as you asked. The
sudoers syntax isn't exactly straightforward once you start breaking
out responsibilities, but it is quite powerful, and is a much tighter
way to run the ship.
Making your personal account UID 0 just isn't necessary, will
complicate management of your personal files, will make it much too
easy to break things, and is asking for trouble. Only Windows needs
to run that way; multiuser systems don't!
Good luck. See the man page for sudoers if you need examples; you'll
have to do some reading (it took me awhile too).
- -d
- --
David Talkington
Prairienet
[EMAIL PROTECTED]
217-244-1962
PGP key: http://www.prairienet.org/~dtalk/dt000823.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6
iQEVAwUBOr7IAL1ZYOtSwT+tAQH8EAf9Fd51lHZYIzP6IxJuvPiL2RvwgTGhEkAU
pXg/BrcbYcykfiWwFCU2+70FySf0YBDoUDtXOtTGnH07zjCwyIAbg3vHwZEOdk9D
3cDg0gyk9eV11pyf2mrE1lXVF9HReAD+E4cXH7V9k5s7kw+/AaY+FOoFBYzNwYKC
XlfPuSzGIIXAUyzBeyMYZEQLoK9EsfIGlstVxRERCB7VaZubXeAg9Z4U4xDPFpcE
gdN/GQ3eaWm5hNvqJgOJg0Cp1gGvVDegBTpgqeKabAD2n5wcyn4Cr8wpMg2UIo1n
mXwS5/f7cLhRZAhCBFUtz6Hs4AM2//3++MZ8a7IXetkEwNh4EX065A==
=rWiy
-----END PGP SIGNATURE-----
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
