Show
About this Hands-on LabSystem Administrators rarely log into a system as `root`, due to a number of security risks. Some distributions even disable the `root` account to begin with. Restricting the ability to use `root` privileges to selected users is an important part of maintaining a secure system. In this activity, you will learn how to secure the `su` and `sudo` commands by restricting their use to members of the `wheel` group. Learning ObjectivesSuccessfully complete this lab by achieving the following learning objectives: Confirm Your User Is in the wheel Group and Set the /usr/bin/sudo and /usr/bin/su Files so They Can Be Executed by the root User and wheel GroupUse the
Use
Run
Use
Run To modify or verify
We need a line that looks like this:
It may already be there, or it may be there and commented out. It’s usually down in the vicinity of the Uncomment or Create a Line in /etc/pam.d/su to Require wheel Group Membership for Using the su CommandUsing the editor of your choice, uncomment or create an additional "auth" test below the line ending with Create a sysadmin User, Make Them a Member of the wheel Group, Set Their Password, and Verify sysadmin Is Able to Use sudo and suCreate the
Running it this way would work too:
Now we can set the
Verify Create a User, sysuser, Who Is Not a Member of the wheel Group, Set Their Password, and Verify That They Are Not Able to Use sudo and suCreate the
Set the
Verify
The In order to make a system more secure, we have been asked to restrict access to
the We'll need to create In addition, only members of the First, we'll need to set the permissions on Next, we
have to modify What are Hands-on LabsHands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world. Which of the following will show account aging information for a user such as the date of the last password change when the password expires and the?The chage command is used to modify user password expiry information. It enables you to view user account aging information, change the number of days between password changes and the date of the last password change.
Which of the following commands can be used to remove a group from a Linux system?To delete a group from Linux, use the command groupdel. There is no option. If the group to be deleted is the initial group of one of the users, you can not delete the group. The files changed by the groupdel command are two files "/etc/group" and "/etc/gshadow".
What command can you use to view Journald log entries on a system that uses systemd?To see the logs that the journald daemon has collected, use the journalctl command. When used alone, every journal entry that is in the system will be displayed within a pager (usually less ) for you to browse. The oldest entries will be up top: journalctl.
Which of the following file extensions are used by the Debian package manager?deb is the format, as well as extension of the software package format for the Debian Linux distribution and its derivatives.
|