root user.

Support for security such as Firewalls and securing linux
lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: root user.

Post by lightman47 » 2019/11/09 12:22:51

Apologies - I'd never considered anyone would ever do that.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: root user.

Post by hack3rcon » 2019/11/09 12:40:33

lightman47 wrote:
2019/11/09 12:22:51
Apologies - I'd never considered anyone would ever do that.
Another user configured this server and I want to know why this happening.

tunk
Posts: 1204
Joined: 2017/02/22 15:08:17

Re: root user.

Post by tunk » 2019/11/09 13:32:03

Please carefully reread jlehtone's post.

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: root user.

Post by TrevorH » 2019/11/09 13:32:22

Because they did it wrong. You should never add another user with a duplicate uid - you have two of them that are uid==0 which is root. One of your root users is called 'testuser'.

Do not do this. Set up a normal user and configure sudo to allow its access to the things it actually needs to do.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: root user.

Post by hack3rcon » 2019/11/09 16:14:22

TrevorH wrote:
2019/11/09 13:32:22
Because they did it wrong. You should never add another user with a duplicate uid - you have two of them that are uid==0 which is root. One of your root users is called 'testuser'.

Do not do this. Set up a normal user and configure sudo to allow its access to the things it actually needs to do.
Thanks.
How can I convert "testuser" to the normal?

tunk
Posts: 1204
Joined: 2017/02/22 15:08:17

Re: root user.

Post by tunk » 2019/11/09 16:35:33

Don't know if it's recommended, but you could remove "testuser"
from /etc/passwd+shadow and then create a new user.
Edit: Also look at the userdel command (NB: do not use the "-r"
option).

Wonder how many other questionable "surprises" are left in your
system: You may be better off with a complete reinstall. If so,
use CentOS 7 or 8, as 6 only has one year support left.

lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: root user.

Post by lightman47 » 2019/11/09 17:42:07

So - testuser was logging in and had no restrictions, and everything "he" did got logged as root? (I don't know but it seems that way to me) - I'd be clean installing, as tunk suggests, if it were a machine for which I was responsible.

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: root user.

Post by TrevorH » 2019/11/09 18:28:24

He had it set up with two users with the same iud so they are the same user by different names.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: root user.

Post by lightman47 » 2019/11/09 19:03:53

bends the brain as to how that might have worked; I'll need to think more about this. I always just 'accepted' the group and passwd files without actually knowing their actual use/purpose(s).

And, testuser in this case was 500 (initial user during install back then) in 'group', but 0:0 in 'passwd'. Clearly, I need to lookup/study.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: root user.

Post by hack3rcon » 2019/11/10 06:18:48

I can't do a clean installation. It is a web server.
I'm afraid to use "deluser" command because the user act as root and...

Post Reply