Linux How to avoid logging with root user?

Status
Not open for further replies.

Compiler

Contributor
I have created a linux machine and installed some softwares on it with root user privileges . I used to login with root user credentials for doing the various task.

Later i have realise that this is not the best practice to follow and there should be a new user with less privileges to be created for doing the day to day task.

I have read the steps to create the user but will that new user sufficient enough to do the task that i m doing it through root user?
Will my software allow the new user to work on them?
I would be glad if someone points me to a guidelines on what should be my next step?
 
First things first, you forgot to mention the linux flavor that you are using :D Not needed for this issue, but its always nice to know what u r are using. ANyways, if you want to run any software using the root privileges (very rarely needed unless it is something to do with the system level changes) you can always use sudo ("super user do") which then the command, a which point of time it will ask you for the root password and run the program as super user

sudo - Wikipedia, the free encyclopedia
 
This is what i did .Please correct me if i m wrong.

Not to use root account anymore:
First all all i will make a firm decision not to use root account for my daily purpose.
How how do i do my daily task?
I will make two users named admin and worker.
Admin:
Admin user will be given admin privilege to do Admin specific tasks.
Worker:
Normal user of the machine, who is restricted from admin tasks.
Step 1:
Create two users:
Login with root
Code:
# useradd admin
# passwd admin
Changing password for user admin.
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Code:
# useradd worker
# passwd worker
Changing password for user worker.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

Now its time to give Admin user some more privileges than worker user.
Login with root user.
type
Code:
#visudo in command prompt.

Modify the file accordingly
## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS

User_Alias ADMINS = admin

## Allows people in group wheel to run all commands
# %wheel ALL=(ALL) ALL

%admin ALL=(ALL) ALL

save it using esc :wq.
Now you have added admin user in sudoers file with all command execution rights.
Note : visudo is a command line utility to edit /etc/sudoers file.
Its recommended to avoid vi editor.

Now its time to check if whatever is done is working or not.

Lets open two separate terminals.
one for admin user and one for worker user.
Now try to run any command which need root privileges to run.(I m using ifconfig here).
Code:
[admin@localhost ~]$ ifconfig
-bash: ifconfig: command not found
[worker@localhost ~]$ ifconfig
-bash: ifconfig: command not found
As you observe both users are unable to run the command.

With admin terminal type following.
Code:
#/sbin/ifconfig
It will display the output as admin user is added in sudoer file with all command privilege.
The same can't be done with worker user.
 
Status
Not open for further replies.