This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Create an additional 'root' privilege account for appliances

Create an additional 'root' privilege account for appliances

Anonymous
Not applicable

‎04-08-2019 10:14 AM

Hi,

Would like to create an additional root privilege account, and have followed the process in this article:

https://extremeportal.force.com/ExtrArticleDetail?an=000081611

Created a new account and run the following against the username

usermod -aG sudo flammia


Problem is it doesn't seem to give the same root privileges, for example when I try to access the directory /root I get access denied.

The following details have been taken from

/etc/passwd


root0:0:root:/root:/bin/bash
flammia
1002:1002:,,,:/home/flammia:/bin/bash



Run the following command:

visudo


I see the following:

# User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL


Next command

id flammia


uid=1002(flammia) gid=1002(flammia) groups=1002(flammia),27(sudo)


With that information, the account being in the 'sudo' group and privileges of "ALL=(ALL:ALL) ALL", shouldn't this account have access and equal privileges the same as root?

This is an example of files being denied access:

find: ?/root?: Permission denied find: ?/etc/ppp/peers?: Permission denied find: ?/etc/chatscripts?: Permission denied find: ?/etc/audit?: Permission denied find: ?/etc/polkit-1/localauthority?: Permission denied find: ?/etc/ssl/private?: Permission denied find: ?/etc/lvm/backup?: Permission denied find: ?/etc/lvm/archive?: Permission denied find: ?/boot/lost+found?: Permission denied find: ?/var/cache/ldconfig?: Permission denied find: ?/var/spool/cron/crontabs?: Permission denied find: ?/var/spool/cron/atjobs?: Permission denied find: ?/var/spool/cron/atspool?: Permission denied find: ?/var/spool/rsyslog?: Permission denied find: ?/var/log/apache2?: Permission denied find: ?/var/log/audit?: Permission denied find: ?/var/log/setup/tmp?: Permission denied find: ?/var/lib/sudo?: Permission denied find: ?/var/lib/snmp/mib_indexes?: Permission denied find: ?/var/lib/polkit-1?: Permission denied find: ?/lost+found?: Permission denied find: ?/home/companyssh/.cache?: Permission denied find: ?/sys/kernel/debug?: Permission denied find: ?/sys/fs/pstore?: Permission denied find: ?/run/user/1001?: Permission denied find: ?/run/user/0?: Permission denied find: ?/run/sudo?: Permission denied find: ?/run/log/journal/4c685fdc806da42fe74eb721599b4a88?: Permission denied find: ?/run/lvm?: Permission denied find: ?/run/systemd/inaccessible?: Permission denied find: ?/run/lock/lvm?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_06042019.sql?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_25022019?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_07042019.sql?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_08042019.sql?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/upgrade/logs?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/services/mib_indexes?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/mysql/data/threatresponse?: Permission denied



Many thanks

0 Kudos
0 REPLIES 0
GTM-P2G8KFN