• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 755
  • Last Modified:

Linux user Privileges

Linux user Privileges

In windows domain, you can have enterprise Admins, Domain Admins, Account operators, print operators,etc...

I wonder what is the equivalent in Linux (ubuntu)

Thank you
0
jskfan
Asked:
jskfan
  • 3
  • 2
  • 2
  • +2
6 Solutions
 
stu215Systems AnalystCommented:
Ubuntu User Management:
https://help.ubuntu.com/10.04/serverguide/user-management.html

Ubuntu File Permissions:
https://help.ubuntu.com/community/FilePermissions

Ubuntu General System Mgt:
https://help.ubuntu.com/community/SystemAdministration

Generally you would setup groups and then apply the group to a set of files, and then add users to those groups which would restrict access to files by a group.

NOTE: see the file permissions link above as you have to explicitly set what permissions you would like the group to have on a particular set of files / folders / etc.
0
 
jskfanAuthor Commented:
For instance Sudoers..
Are all users added to Sudoers file have the same privileges as Root user
0
 
stu215Systems AnalystCommented:
Adding a user to the sudoers file is giving the user a way to execute things as though they were the root user ( or a specified user ) but without allowing them to login as root.

Depeding on how its configured they should be prompted to enter a "sudo" password in order to execute the command they would like executed.

- You can setup different levels of users which can execute certain commands.

This explains it a bit better:
https://help.ubuntu.com/community/Sudoers
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
MazdajaiCommented:
There is no equivalent roles in  Ubuntu / Linux.

The only "admin" in Linux is root. The fore mention sudoers is similar as "Run As Administrator" in Windows but it is nowhere near root privileges.

man sudo

Open in new window

0
 
SandyCommented:
No it is not... Linux uses FLAT user db... not schema based. Linux has group called root, sys, operator ...

can be checked under /etc/group

TY/SA
0
 
serialbandCommented:
Mazdajai is incorrect.

As stu215 mentioned, if you have your sudo account set to run as full root, you are fully root.  Accounts can be set with limited privileges if you want.

Without sudo, you have root (admin) and non-root (users) accounts and groups to differentiate permissions as Sandy mentioned.  It's same same as how groups works in Windows.
0
 
jskfanAuthor Commented:
in windows you have Administrator at  the domain level (Domain Admin)
you have Administrator on the local server only.
you have power users and you have just regular users that cannot download or execute certain commands.


in Linux you have Root at the domain level , assuming we are using LDAP) and there is Root user on each server, I am not sure about the equivalent of powers users, account operators, print operators, backup operators, etc... in Linux.

it sounds like in Linux you can be either Root or regular user nothing in between...
0
 
MazdajaiCommented:
...Without sudo, you have root (admin) and non-root (users) accounts and groups to differentiate permissions as Sandy mentioned.  It's same same as how groups works in Windows.

Incorrect and disagree are two different terms. I will never say the groups works the same in  Windows vs Linux.

You can assign user rights to restart the server in Linux (not shutdown) but you can't in Windows. Why?

Group is merely a container in Linux, you can use username and never touch /etc/group in sudoer. (Bad practice but doable) On the other hand, Domain Admin and Schema Admin are predefined groups that cannot be substituted. Why?

Because they are fundamental two different type of operating systems. Linux design secure in mind whereas Windows design to be ease of use.
0
 
jskfanAuthor Commented:
Thank you
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now