Add the Linux groups to your server:
Add the Linux users and assign them to their respective groups
[email protected] tmp]# useradd -g parents ram
[[email protected] tmp]# useradd -g parents jagmohan
[[email protected] tmp]# useradd -g children ramesh
[[email protected] tmp]# useradd -g children hema
[[email protected] tmp]# useradd -g soho accounts
[[email protected] tmp]# useradd -g soho sales
User root changing the password for user ram
There is also an optional -r switch that additionally removes all the contents of the user’s home directory.
# userdel -r ram
How to Tell the Groups to Which a User Belongs
How to Change the Ownership of a File
[[email protected] tmp]# ll test.txt
-rw-r–r– 1 testuser users 0 Nov 17 22:14 test.txt
[[email protected] tmp]#
Temporarily Gaining root Privileges
[[email protected] bob]$ more /etc/sudoers
/etc/sudoers: Permission denied
[[email protected] bob]$
Bob tries again using sudo and his regular user password and is successful:
Becoming root for a Complete Login Session
The su command allows a regular user to become the system’s root user if they know the root password. A user with sudo rights to use the su command can become root, but they only need to know their own password, not that of root as seen here.
The /etc/sudoers file contains all the configuration and permission parameters needed for sudo to work.
Granting All Access to Specific Users
You can grant users bob and bunny full access to all privileged commands, with this sudoers entry.
bob, bunny ALL=(ALL) ALL
This is generally not a good idea because this allows bob and bunny to use the su command to grant themselves permanent root privileges thereby bypassing the command logging features of sudo. The example on using aliases in the sudoers file shows how to eliminate this prob
Granting Access To Specific Users To Specific Files
This entry allows user peter and all the members of the group operator to gain access to all the program files in the /sbin and /usr/sbin directories, plus the privilege of running the command /usr/local/apps/check.pl. Notice how the trailing slash (/) is required to specify a directory location:
peter, %operator ALL= /sbin/, /usr/sbin, /usr/local/apps/check.pl
Granting Access to Specific Files as Another User
The sudo -u entry allows allows you to execute a command as if you were another user, but first you have to be granted this privilege in the sudoers file.
This feature can be convenient for programmers who sometimes need to kill processes related to projects they are working on. For example, programmer peter is on the team developing a financial package that runs a program called monthend as user accounts. From time to time the application fails, requiring “peter” to stop it with the /bin/kill, /usr/bin/kill or /usr/bin/pkill commands but only as user “accounts”. The sudoers entry would look like this:
peter ALL=(accounts) /bin/kill, /usr/bin/kill, /usr/bin/pkill
User peter is allowed to stop the monthend process with this command:
[[email protected] peter]# sudo -u accounts pkill monthend
Granting Access Without Needing Passwords
This example allows all users in the group operator to execute all the commands in the /sbin directory without the need for entering a password. This has the added advantage of being more convenient to the user:
%operator ALL= NOPASSWD: /sbin/
To create a Tar file
tar -czf archive.tar.gz *.txt
To list files in a compressed Tar file
tar -tzf archive.tar.gz.