Initial Settings : Add Common Users

[1]. To add a common user account on CentOS Server, Set like follows.

[root@localhost ~]# useradd centos

[root@localhost ~]# passwd centos

Changing password for user centos.

New UNIX password:              # input any password you'd like to set

Retype new UNIX password:       # confirm

passwd: all authentication tokens updated successfully.

[2]. If you'd like to switch to root user account from a common user, use [su] command to do so.

localhost login: centos         # login username

password:                       # input user password

[centos@localhost ~]$ su -      # swicth to root

Password:                       # input root password

[root@localhost ~]#             # just switched to root

[3]. If you'd like to limit users to run [su] command, set like follows.

On the example below, only users in [wheel] group can run [su] command.

[root@localhost ~]# usermod -G wheel centos

[root@localhost ~]# vi /etc/pam.d/su

#%PAM-1.0

auth            sufficient      pam_rootok.so

# Uncomment the following line to implicitly trust users in the "wheel" group.

#auth           sufficient      pam_wheel.so trust use_uid

# Uncomment the following line to require a user to be in the "wheel" group.

# uncomment the following line

auth            required        pam_wheel.so use_uid

auth            substack        system-auth

auth            include         postlogin

account         sufficient      pam_succeed_if.so uid = 0 use_uid quiet

account         include         system-auth

password        include         system-auth

session         include         system-auth

session         include         postlogin

session         optional        pam_xauth.so


# verify settings with a user that is not in allowed group

[redhat@localhost ~]$ su -

Password:

su: Permission denied     # denied normally

[4]. If you'd like to remove a user accounts, Set like follows.

# remove a user [centos] (only removed user account)

[root@localhost ~]# userdel centos

# remove a user [centos] (removed user account and his home directory both)

[root@localhost ~]# userdel -r centos 

Comments

Popular posts from this blog

Java : Variables Declaring

SQL Self JOIN