Add A da d User a U s e r [1] Add a new user. I used user name as 'cent' on following examples, but Set any names you like to use. [root@ns ~]# useradd cent [root@ns ~]# passwd cent Changing password for user cent. New UNIX password: Retype new UNIX password: passwd: all authentication tokens [root@ns ~]# exit
// add a user 'cent' // set password for cent // input password you want to set // verify updated successfully. // logout
[2] Try to switch by user that was added in section [1]. // // // // //
ns login: cent password: [cent@ns ~]$ su Password: [root@ns ~]#
input user name input password switch to root input password for root done to switching to root
[3] Make 'cent' user that was added in section [1] be only a user who can switch to root. [root@ns ~]# vi /etc/group
// open the file with vi
wheel:x:10:root ,cent
// line 11: add user
[root@ns ~]# vi /etc/pam.d/su #%PAM - 1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. auth required pam_wheel.so use_uid // remove '#' that was on the head of line auth include system - auth account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system - auth password include system - auth session include system - auth session optional pam_xauth.so [root@ns ~]# vi /etc/login.defs // add this line at the bottom
SU_WHEEL_ONLY yes
F o r w a r d i n g
e m a i l
f o r
r o o t
[4] Set config to forward mails for root to a user who is a system administrator you set as.
[root@ns ~]# vi /etc/aliases # Person who should get root's mail root: cent // bottom: remove '#' and add user name [root@ns ~]# newaliases // set new aliases /etc/aliases: 77 aliases, longest 10 bytes, 776 bytes total