Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Linux user Privileges

Posted on 2014-02-10
9
Medium Priority
?
751 Views
Last Modified: 2014-02-11
Linux user Privileges

In windows domain, you can have enterprise Admins, Domain Admins, Account operators, print operators,etc...

I wonder what is the equivalent in Linux (ubuntu)

Thank you
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 10

Assisted Solution

by:stu215
stu215 earned 664 total points
ID: 39848701
Ubuntu User Management:
https://help.ubuntu.com/10.04/serverguide/user-management.html

Ubuntu File Permissions:
https://help.ubuntu.com/community/FilePermissions

Ubuntu General System Mgt:
https://help.ubuntu.com/community/SystemAdministration

Generally you would setup groups and then apply the group to a set of files, and then add users to those groups which would restrict access to files by a group.

NOTE: see the file permissions link above as you have to explicitly set what permissions you would like the group to have on a particular set of files / folders / etc.
0
 

Author Comment

by:jskfan
ID: 39848739
For instance Sudoers..
Are all users added to Sudoers file have the same privileges as Root user
0
 
LVL 10

Assisted Solution

by:stu215
stu215 earned 664 total points
ID: 39848764
Adding a user to the sudoers file is giving the user a way to execute things as though they were the root user ( or a specified user ) but without allowing them to login as root.

Depeding on how its configured they should be prompted to enter a "sudo" password in order to execute the command they would like executed.

- You can setup different levels of users which can execute certain commands.

This explains it a bit better:
https://help.ubuntu.com/community/Sudoers
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 21

Assisted Solution

by:Mazdajai
Mazdajai earned 668 total points
ID: 39849250
There is no equivalent roles in  Ubuntu / Linux.

The only "admin" in Linux is root. The fore mention sudoers is similar as "Run As Administrator" in Windows but it is nowhere near root privileges.

man sudo

Open in new window

0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 332 total points
ID: 39849322
No it is not... Linux uses FLAT user db... not schema based. Linux has group called root, sys, operator ...

can be checked under /etc/group

TY/SA
0
 
LVL 30

Assisted Solution

by:serialband
serialband earned 336 total points
ID: 39850457
Mazdajai is incorrect.

As stu215 mentioned, if you have your sudo account set to run as full root, you are fully root.  Accounts can be set with limited privileges if you want.

Without sudo, you have root (admin) and non-root (users) accounts and groups to differentiate permissions as Sandy mentioned.  It's same same as how groups works in Windows.
0
 

Author Comment

by:jskfan
ID: 39851503
in windows you have Administrator at  the domain level (Domain Admin)
you have Administrator on the local server only.
you have power users and you have just regular users that cannot download or execute certain commands.


in Linux you have Root at the domain level , assuming we are using LDAP) and there is Root user on each server, I am not sure about the equivalent of powers users, account operators, print operators, backup operators, etc... in Linux.

it sounds like in Linux you can be either Root or regular user nothing in between...
0
 
LVL 21

Accepted Solution

by:
Mazdajai earned 668 total points
ID: 39851687
...Without sudo, you have root (admin) and non-root (users) accounts and groups to differentiate permissions as Sandy mentioned.  It's same same as how groups works in Windows.

Incorrect and disagree are two different terms. I will never say the groups works the same in  Windows vs Linux.

You can assign user rights to restart the server in Linux (not shutdown) but you can't in Windows. Why?

Group is merely a container in Linux, you can use username and never touch /etc/group in sudoer. (Bad practice but doable) On the other hand, Domain Admin and Schema Admin are predefined groups that cannot be substituted. Why?

Because they are fundamental two different type of operating systems. Linux design secure in mind whereas Windows design to be ease of use.
0
 

Author Closing Comment

by:jskfan
ID: 39851899
Thank you
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question