Re: [opensuse] Post installation queries (FIRST successful installation of Linux)



Linux Tyro said the following on 11/05/2011 06:26 AM:

Oh, 'linuxworld' (or 'linuxuser', whatever) is not the root but has
privileges of system administration, does it mean that?

NO!
Root has uid=0.
Other users don't.

Other users may belong to a group which permits them, by one means or
other, to have administration privileges granted to them.

For example: (hypothetical to illustrate the point)

There is a group 'lp'
There are programs that are used to administer the printer system.
These should not be run by ordinary users.
So the will have access

-rwxr-x--- root lp .....

However if you don't want to give out the root password to the guy who
administers the printers, then you can add him to the 'lp' group.

This technique was explained over two decades ago in a USENIX paper
"Life Without Root".
http://www.ussrback.com/docs/papers/unix/noroot.ps

This approach is suited to larger systems where there will be
delegation. It is too complex to implement for all possible forms of
delegation in most sites!

However it does illustrated well the point of group permissions.

Now the example David gave is 'the-same-but-different'.

The 'wheel' group is a historic tradition
http://www.google.com?=linux+wheel+group
that allows, via other methods, a group of users to be granted the
ability to 'su' to root without the need for the root password.
There are a number of mechanisms for this. The historic one was in
'sudo'. Later, PAM allowed for specific commands.

Originally the mechanism prompted the user for his own password rather
than the root password. (If you use the same password for both then
this is a moot point.)

If you googled, you would find specific instructions
http://administratosphere.wordpress.com/2007/09/10/wheel-group-and-fedora-red-hat-linux/
and explanations
http://alien.slackbook.org/dokuwiki/doku.php?id=linux:admin
http://foldoc.org/wheel+bit

Of course you could have RTFM
http://linux.die.net/man/8/pam_wheel


Of course you could have found out all this by googling or by reading
one of the books or e-books we've referred you to.






But even when
I go to yast (GUI), I need to enter the root's password (which I
changed after installation, since in the beginning it was the same as
that of 'linuxworld' user) and it does only ROOT password not the
linuxworld password, even though while installation, it declared the
created user as having the system admin privileges.


--
Growth for the sake of growth is the ideology of the cancer cell.
- Edward Abbey
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx