Sujet : Re: privileged user in RedHat
De : 186283 (at) *nospam* ud0s4.net (186282@ud0s4.net)
Groupes : comp.os.linux.miscDate : 28. Aug 2024, 09:53:18
Autres entêtes
Organisation : wokiesux
Message-ID : <u82cnVISw_fySlP7nZ2dnZfqnPSdnZ2d@earthlink.com>
References : 1
User-Agent : Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0
On 8/28/24 2:21 AM, Marco Moock wrote:
Hello!
Is there any definition for the word "privileged user" in the Linux
(especially RedHat) environment?
User 'root' is the only, initially, "privileged user".
Open a terminal, type 'su', enter the password (which
should be DIFFERENT from that of any other user you
created during install). Root has access to EVERYTHING,
therefore the desire for the different password.
(note that 'sudo' kinda breaks this security measure, so
research and set it CAREFULLY). You do NOT have to use
'visudo' ... but then it's on YOU to get it 100% right.
Anything 'vi' I tend to REMOVE because I find line-editors
SO offensive these days.
When IBM-PCs, DOS 1.x, came out there was 'edlin' - a
"line editor". You were expected to use it when editing
text/config files. I despised the concept SO much I wrote
a 'nano'-like editor, in assembler lang, as a replacement.
I just REALLY hate line editors ...... the tech do do
much better existed from WAY back.
I am currently learning RedHat OpenShift and the courses include a
question where the answer is that 2 containers run with UID 27 are
called privileged. (DO190 ch03s08 if you have access).
I am aware that it is common that normal (real people) users start with
1000 ongoing, server process users are below. Is there a difference on
the IDs or is that just tradition?
It is "tradition" now to set the first 'regular' user
to ID 1000, group 1000. Not all 'unix-like' systems
may obey the same traditions, but Linux distros kinda
all go that way.
The SYSTEM doesn't really care about the ID numbers.
While there are terminal-line utilities, you can also
edit /etc/groups and /etc/passwd using something like
'nano' and add/remove users from the privileges of
the root user. DO be CAREFUL ! Get it right. Plenty
of docs on the net.
Linux has a rep for security. To keep that intact
please do NOT run apps and such as "root" unless
absolutely necessary.
Yea, yea ... with Win you have to use the Administrator
privs kinda often or you can't do dick .......
As for 'sudo' ... there ARE ways to force it to
require the ROOT password instead of the regular
USER password. This is much more secure. DO
research it on the net. The /etc/sudoers file
is where you make the, careful, changes.
Oh, Raspberry Pi's ... 'sudo' often requires NO
password. NOT great.