Wheel Group

You can deny users the right to become root by using the wheel group

addgroup wheel

adduser User1 wheel
adduser User2 wheel

chgrp wheel /usr/bin/sudo /bin/su
chmod 4750 /usr/bin/sudo /bin/su
ls -l /usr/bin/sudo /bin/su

Now, before closing your root session, try log in as a normal user and then become root using:

su -

Then log in as an user not in the wheel group, and try to become root.

page revision: 4, last edited: 30 Apr 2009 15:03
Edit Tags History Files Print Site tools + Options
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License