Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Root like access
- Thread starter Chrisdp
- Start date
Manage those directory permission for certain group of user that you wish to have full permission into.
for example:
[root@hostname /]# groupadd administrator
^^^^^^^^^^^^^
this group contain list of users that will have full permition to the userdir'
[root@hostname /]# chgroup administrator <userdir>
[root@hostname /]# chmod 775 <userdir>
for example:
[root@hostname /]# groupadd administrator
^^^^^^^^^^^^^
this group contain list of users that will have full permition to the userdir'
[root@hostname /]# chgroup administrator <userdir>
[root@hostname /]# chmod 775 <userdir>
Hi,
Not sure exactly what you mean by 'root like access' so I'm guessing a bit...
I would think what you want is almost the reverse of the last answer. You would probably be better off with leaving the ownership / group ownership of your directories asis but to add supplementary group memberships to your 'superuser' for all the directories that they need to admin.
drwxrwx--- 68 user1 group1 4096 Sep 9 20:46 dir1
drwxrwx--- 25 user2 group2 1024 Sep 8 17:54 dir2
drwxrwx--- 13 user3 group3 1024 Sep 8 21:58 dir3
gpasswd -a superuser group1
gpasswd -a superuser group2
gpasswd -a superuser group3
This will allow 'superuser' group access rights for all those groups - you just have to make sure you set the group permissions as rwx .
(Enter 'id superuser' to see that user's group information).
I should warn you on the above that you may have problems with supplementary groups depending how PAM is configured for your setup.
Sudo, incidentally, is something entirely different. It allows for the execution of 'root' commands by a non-root user - for example to allow a user to do /sbin/shutdown .
Rgds
Not sure exactly what you mean by 'root like access' so I'm guessing a bit...
I would think what you want is almost the reverse of the last answer. You would probably be better off with leaving the ownership / group ownership of your directories asis but to add supplementary group memberships to your 'superuser' for all the directories that they need to admin.
drwxrwx--- 68 user1 group1 4096 Sep 9 20:46 dir1
drwxrwx--- 25 user2 group2 1024 Sep 8 17:54 dir2
drwxrwx--- 13 user3 group3 1024 Sep 8 21:58 dir3
gpasswd -a superuser group1
gpasswd -a superuser group2
gpasswd -a superuser group3
This will allow 'superuser' group access rights for all those groups - you just have to make sure you set the group permissions as rwx .
(Enter 'id superuser' to see that user's group information).
I should warn you on the above that you may have problems with supplementary groups depending how PAM is configured for your setup.
Sudo, incidentally, is something entirely different. It allows for the execution of 'root' commands by a non-root user - for example to allow a user to do /sbin/shutdown .
Rgds
You can use sudo for this, or you may wish to use the time
honored unix convention of having privileged users in the
"wheel" group, change the group ownership of /home/* to wheel ; chmod 770, add the super-privileged users to wheel.
Sudo has security issues, mainly with the creation and overwriting of files with root privileges, securiteam.com
is a good site to check on this as is your distributions site.
honored unix convention of having privileged users in the
"wheel" group, change the group ownership of /home/* to wheel ; chmod 770, add the super-privileged users to wheel.
Sudo has security issues, mainly with the creation and overwriting of files with root privileges, securiteam.com
is a good site to check on this as is your distributions site.
- Status
Similar threads
