04-Linux Hardening - تعریف کاربر ادمین در لینوکس - Setup Linux Admin User

4.setup Admin user (Just admin user can switch to root)

4.1 Create an admin User
root@deb:~#useradd bahmani
root@deb:~#passwd bahmani
root@deb:~#exit
4.2 Make bahmani user who can switch to root as an admin user.
4.2.1 Debian
root@deb:~#usermod -aG adm bahmani
root@deb:~#usermod -aG sudo bahmani
4.2.2 RHEL
root@deb:~#usermod -aG wheel bahmani
root@deb:~#usermod -aG sudo bahmani
4.3 Edit /etc/pam.d/su
root@deb:~#grep adm  /etc/pam.d/su
4.3.1 Debian line 15: uncomment and add the follows
...
auth       required   pam_wheel.so group=adm
...
root@deb:~#reboot
4.3.2 RHEL uncomment and add the follows
...
# uncomment the following line
auth            required        pam_wheel.so use_uid
...
root@deb:~#reboot
4.4 Test: Other User except admin can not switch to root
root@deb:~#su - soroush
soroush@deb:~$ su -
Password:
su: Permission denied
soroush@deb:~$

 

مطالب و دوره های آموزشی مرتبط
مطالب و دوره های آموزشی مرتبط
مطالب و دوره های آموزشی مرتبط

Linux - add user to new group, Remove user from group

Linux Add user to new group

usermod -aG    <groupname>  <username>
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),501(oinstall),1298200035(allsshusers)
[root@itstorage ~]#usermod -aG  wheel m.bahmani
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),10(wheel),501(oinstall),1298200035(allsshusers)

Remove user from group

gpasswd -d <username> <groupname>
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),10(wheel),501(oinstall),1298200035(allsshusers)
[root@itstorage ~]#sudo gpasswd -d m.bahmani wheel
Removing user m.bahmani from group wheel
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),501(oinstall),1298200035(allsshusers)
مطالب و دوره های آموزشی مرتبط
مطالب و دوره های آموزشی مرتبط

Linux - add user to new group, Remove user from group

Linux Add user to new group

usermod -aG    <groupname>  <username>
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),501(oinstall),1298200035(allsshusers)
[root@itstorage ~]#usermod -aG  wheel m.bahmani
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),10(wheel),501(oinstall),1298200035(allsshusers)

Remove user from group

gpasswd -d <username> <groupname>
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),10(wheel),501(oinstall),1298200035(allsshusers)
[root@itstorage ~]#sudo gpasswd -d m.bahmani wheel
Removing user m.bahmani from group wheel
[root@itstorage ~]#id m.bahmani
uid=1298200020(m.bahmani) gid=1298200020(m.bahmani) groups=1298200020(m.bahmani),501(oinstall),1298200035(allsshusers)
مطالب و دوره های آموزشی مرتبط
مطالب و دوره های آموزشی مرتبط