Solved

Linux user Privileges

Posted on 2014-02-10
9
713 Views
Last Modified: 2014-02-11
Linux user Privileges

In windows domain, you can have enterprise Admins, Domain Admins, Account operators, print operators,etc...

I wonder what is the equivalent in Linux (ubuntu)

Thank you
0
Comment
Question by:jskfan
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 10

Assisted Solution

by:stu215
stu215 earned 166 total points
ID: 39848701
Ubuntu User Management:
https://help.ubuntu.com/10.04/serverguide/user-management.html

Ubuntu File Permissions:
https://help.ubuntu.com/community/FilePermissions

Ubuntu General System Mgt:
https://help.ubuntu.com/community/SystemAdministration

Generally you would setup groups and then apply the group to a set of files, and then add users to those groups which would restrict access to files by a group.

NOTE: see the file permissions link above as you have to explicitly set what permissions you would like the group to have on a particular set of files / folders / etc.
0
 

Author Comment

by:jskfan
ID: 39848739
For instance Sudoers..
Are all users added to Sudoers file have the same privileges as Root user
0
 
LVL 10

Assisted Solution

by:stu215
stu215 earned 166 total points
ID: 39848764
Adding a user to the sudoers file is giving the user a way to execute things as though they were the root user ( or a specified user ) but without allowing them to login as root.

Depeding on how its configured they should be prompted to enter a "sudo" password in order to execute the command they would like executed.

- You can setup different levels of users which can execute certain commands.

This explains it a bit better:
https://help.ubuntu.com/community/Sudoers
0
 
LVL 21

Assisted Solution

by:Mazdajai
Mazdajai earned 167 total points
ID: 39849250
There is no equivalent roles in  Ubuntu / Linux.

The only "admin" in Linux is root. The fore mention sudoers is similar as "Run As Administrator" in Windows but it is nowhere near root privileges.

man sudo

Open in new window

0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 83 total points
ID: 39849322
No it is not... Linux uses FLAT user db... not schema based. Linux has group called root, sys, operator ...

can be checked under /etc/group

TY/SA
0
 
LVL 28

Assisted Solution

by:serialband
serialband earned 84 total points
ID: 39850457
Mazdajai is incorrect.

As stu215 mentioned, if you have your sudo account set to run as full root, you are fully root.  Accounts can be set with limited privileges if you want.

Without sudo, you have root (admin) and non-root (users) accounts and groups to differentiate permissions as Sandy mentioned.  It's same same as how groups works in Windows.
0
 

Author Comment

by:jskfan
ID: 39851503
in windows you have Administrator at  the domain level (Domain Admin)
you have Administrator on the local server only.
you have power users and you have just regular users that cannot download or execute certain commands.


in Linux you have Root at the domain level , assuming we are using LDAP) and there is Root user on each server, I am not sure about the equivalent of powers users, account operators, print operators, backup operators, etc... in Linux.

it sounds like in Linux you can be either Root or regular user nothing in between...
0
 
LVL 21

Accepted Solution

by:
Mazdajai earned 167 total points
ID: 39851687
...Without sudo, you have root (admin) and non-root (users) accounts and groups to differentiate permissions as Sandy mentioned.  It's same same as how groups works in Windows.

Incorrect and disagree are two different terms. I will never say the groups works the same in  Windows vs Linux.

You can assign user rights to restart the server in Linux (not shutdown) but you can't in Windows. Why?

Group is merely a container in Linux, you can use username and never touch /etc/group in sudoer. (Bad practice but doable) On the other hand, Domain Admin and Schema Admin are predefined groups that cannot be substituted. Why?

Because they are fundamental two different type of operating systems. Linux design secure in mind whereas Windows design to be ease of use.
0
 

Author Closing Comment

by:jskfan
ID: 39851899
Thank you
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now