cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Create an additional 'root' privilege account for appliances

Create an additional 'root' privilege account for appliances

Anonymous
Not applicable

Hi,

Would like to create an additional root privilege account, and have followed the process in this article:

https://extremeportal.force.com/ExtrArticleDetail?an=000081611

Created a new account and run the following against the username

usermod -aG sudo flammia


Problem is it doesn't seem to give the same root privileges, for example when I try to access the directory /root I get access denied.

The following details have been taken from

/etc/passwd


root0:0:root:/root:/bin/bash
flammia
1002:1002:,,,:/home/flammia:/bin/bash



Run the following command:

visudo


I see the following:

# User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL


Next command

id flammia


uid=1002(flammia) gid=1002(flammia) groups=1002(flammia),27(sudo)


With that information, the account being in the 'sudo' group and privileges of "ALL=(ALL:ALL) ALL", shouldn't this account have access and equal privileges the same as root?

This is an example of files being denied access:

find: ?/root?: Permission denied find: ?/etc/ppp/peers?: Permission denied find: ?/etc/chatscripts?: Permission denied find: ?/etc/audit?: Permission denied find: ?/etc/polkit-1/localauthority?: Permission denied find: ?/etc/ssl/private?: Permission denied find: ?/etc/lvm/backup?: Permission denied find: ?/etc/lvm/archive?: Permission denied find: ?/boot/lost+found?: Permission denied find: ?/var/cache/ldconfig?: Permission denied find: ?/var/spool/cron/crontabs?: Permission denied find: ?/var/spool/cron/atjobs?: Permission denied find: ?/var/spool/cron/atspool?: Permission denied find: ?/var/spool/rsyslog?: Permission denied find: ?/var/log/apache2?: Permission denied find: ?/var/log/audit?: Permission denied find: ?/var/log/setup/tmp?: Permission denied find: ?/var/lib/sudo?: Permission denied find: ?/var/lib/snmp/mib_indexes?: Permission denied find: ?/var/lib/polkit-1?: Permission denied find: ?/lost+found?: Permission denied find: ?/home/companyssh/.cache?: Permission denied find: ?/sys/kernel/debug?: Permission denied find: ?/sys/fs/pstore?: Permission denied find: ?/run/user/1001?: Permission denied find: ?/run/user/0?: Permission denied find: ?/run/sudo?: Permission denied find: ?/run/log/journal/4c685fdc806da42fe74eb721599b4a88?: Permission denied find: ?/run/lvm?: Permission denied find: ?/run/systemd/inaccessible?: Permission denied find: ?/run/lock/lvm?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_06042019.sql?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_25022019?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_07042019.sql?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/backup/netsight_08042019.sql?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/upgrade/logs?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/services/mib_indexes?: Permission denied find: ?/usr/local/Extreme_Networks/NetSight/mysql/data/threatresponse?: Permission denied



Many thanks

0 REPLIES 0
GTM-P2G8KFN