Can you remove the root user from sudoers file on CentOS?
Stephen Partington
cryptworks at gmail.com
Wed Oct 16 21:29:54 MST 2019
The most succinct explanation i have seen in some time.
On Wed, Oct 16, 2019 at 7:57 PM Kevin Fries <kevin at fries-biro.com> wrote:
> su and sudo are two different things.
>
> Also, root is simply a moniker for userid 0 by convention.
>
> With SU, to gain elevated privs, you need the root password. And with
> that password, you have all the keys to the kingdom.
>
> SUDO, on the other hand allows granular elevation. So, you can have root
> access to add users, but not start services, or to start and stop services,
> but not view logs.
>
> Also, if you go into /etc/passed, and rename account 0 (zero), from root
> to thegrandguru, su and sudo will elevate your privs, from the user to that
> of thegrandguru. If you create an accout called root, with a userid of
> 1005, root will be just a common user, but thegrandguru is what you
> generally think of as root.
>
> Realize that all this is about getting your privs to that of userid=0
>
> Kevin Fries
>
> Sent from BlueMail <http://www.bluemail.me/r?b=15704>
> On Oct 16, 2019, at 5:31 PM, Harold Hartley <wheelie207 at ownmail.net>
> wrote:
>>
>> I think su is short for sudo.
>>
>> On Wed, Oct 16, 2019, at 16:02, Phil Waclawski wrote:
>>
>> So, I see the recent major bug with sudo, and on centos (unlike ubuntu
>> flavors) I never use it.
>>
>> Is there a problem with just commenting out the
>>
>> root ALL = ALL(ALL) in the sudoers file?
>>
>> I don't think su is in any way connected to sudoers, but I want to check
>> before I do something stupid.
>>
>> I have done some searching and I can't get an answer about this so far.
>>
>> Phil Waclawski
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>> --
>> Harold Hartley
>> 17632 N. 5th place
>> Phoenix, AZ 85022
>> wheelie207 at ownmail.net
>>
>> ------------------------------
>>
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
--
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20191016/f06a290a/attachment.html>
More information about the PLUG-discuss
mailing list