572
edits
Changes
m
→Part 1: Finding out why Your First User can do Anything
<ol>
<li>View (but do not edit) the contents of '''/etc/sudoers'''. Search for your user account. You won't find them.</li><li>Check the contents of '''/etc/passwd ''' and '''/etc/group ''' for entries with your user account. Is there anything different between your account and '''ops245_1'''?</li><li>You should find that your user is part of a secondary group. What group is it? Are they part of that group on '''centos3'''?</li><li>The '''wheel''' group represents administrators with complete sudo privileges. Go back to '''/etc/sudoers ''' and read the entry for '''wheel'''. It should look something like this:<br />
<b><code><span style="color:#3366CC;font-size:1.2em;">%wheel ALL=(ALL) ALL</span></code></b><br />
::This means that anyone who is part of that group can run ''any'' command, as ''any'' user. Effectively, they can use sudo to be root.
</li>
<li>During the lecture, you should have learned some reasons to limit access to the actual root account, and why using sudo is a better practice. Record your observations.</li>
<li>On centos3, add your user to '''wheel ''' as a secondary group so you can use sudo the same way there that you can on your other machines.</li>
</ol>
