Kusprayitna Blogs

Hidup untuk berbagi ilmu :: IT Linux Windows Database Oracle PHP OpenSource

Membuat User Baru di Centos

Posted by kusprayitna on August 19th, 2008

Instalasi Centos default usernya adalah root, sedangkan root adalah superuser.

Untuk membuat user baru maka yang perlu diperhatikan adalah hak user.

Sekarang akan dibuat user dengan hak seperti admin pengganti user root.

Tahapannya yaitu :

  1. Membuat usernya dengan nama prayitna

    #useradd prayitna -d /home/prayitna
     

  2. set passwordnya

    #passwd prayitna
    Changing password for user prayitna.
    New UNIX password:
    Retype new UNIX password:
    passwd: all authentication tokens updated successfully.
     

  3. Coba user baru, untuk login dan menjalankan perintah sudo

    #sudo groups

    We trust you have received the usual lecture from the local System
    Administrator. It usually boils down to these three things:
    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.
    Password:
    prayitna is not in the sudoers file.  This incident will be reported.
     

  4. Berikan hak untuk menjalankan SUDO
    Secara default user prayitna tidak bisa menjalankan SUDO, untuk bisa menjalankan perintah SUDO maka di Centos harus terinstall aplikasi sudoers.
    Kalau belum terinstall bisa menjalankan apt-get install sudo (di ubuntu) atau download rpmnya di http://www.rpmfind.net/RPMvisudo   --> untuk menjalankan editor SUDO      

    perintah ini akan mengedit file /etc/sudoers

  5. Ubah file sodoers sehingga prayitna dapak hak yang sesuai
    saya tambahkan prayitna dalam ADMINS yang bisa menjalankan semuanya.
## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.
## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhap using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2

## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem
User_Alias ADMINS = prayitna

## Command Aliases
## These are groups of related commands...
## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rf
comm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database

Cmnd_Alias LOCATE = /usr/sbin/updatedb

## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification
#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
#         You have to run "ssh -t hostname sudo <cmd>".
#
Defaults    requiretty
Defaults    env_reset
Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
                        LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
                        LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
                        LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
                        LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
                        _XKB_CHARSET XAUTHORITY"

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).

## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
ADMINS  ALL=(ALL)       ALL

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system

 

# %users  localhost=/sbin/shutdown -h now

Langkah terakhir uji coba hasil apakah perintah sudo sudah bisa dijalankan:

sudo groups

Password:

root bin daemon sys adm disk wheel

Alhamdulillah berhasil.

One Response to “Membuat User Baru di Centos”

  1. sofa Says:

    Hi
    Membuat User Baru di Centos
    I believe the content matter here is rattling magnificent. I genuinely enjoyed reading this article. Thank you!

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>