Add a new user to the CENTOS7 and authorize

Preface

Notebook installed a CentOS, want to let others can also login access, with their own account is not really good, so prepare a new user to him.

Create a new user

Create a user name: Zhangbiao

[Root@localhost ~]# AddUser Zhangbiao

Initialize the password for this user, Linux will judge the password complexity, but can be forced to ignore:

[Root@localhost ~]# passwd zhangbiao
Change the password for user Zhangbiao.
New Password: invalid password:
password not checked by dictionary-simplistic/systematized
re-enter new password:
passwd: All authentication tokens have been successfully updated.

Authorize

The permissions of individual users can only have full permissions under this home, and other directories are authorized by others. The root user's permissions are often required, and sudo can be manipulated as root. I remember I used to sudo created the file, and then found that I do not have read and write permissions, because the view permissions are created by root.

The newly created user will not be able to use the sudo command and need to add authorization to him.

The authorization management for sudo commands is in the sudoers file. You can look at Sudoers:

[Root@localhost ~]# sudoers
bash:sudoers: Command not found ...
[Root@localhost ~]# whereis sudoers
sudoers:/etc/sudoers/etc/sudoers.d/usr/libexec/sudoers.so/usr/share/man/ Man5/sudoers.5.gz

Locate the file location and then view the permissions:

[Root@localhost ~]# ls-l/etc/sudoers
-r--r-----1 root root 4251 September  15:08/etc/sudoers

Yes, only read-only permission, and if you want to modify it, you need to add the W permission first:

[Root@localhost ~]# chmod-v u+w/etc/sudoers
mode of "/etc/sudoers" changed from 0440 (r--r-----) to 0640 (rw-r-----)

You can then add the content and append the new user to the following line:

[Root@localhost ~]# vim/etc/sudoers


# Allow ROOT to run no commands anywher  
root    all= (all)  
Zhangbiao  All= (All)  #这个是新增的用户

Wq Save exit, at this time remember to write permission to retract:

[Root@localhost ~]# chmod-v u-w/etc/sudoers
mode of "/etc/sudoers" changed from 0640 (rw-r-----) to 0440 (r--r----- )

This time using the new user login, sudo:

[Zhangbiao@localhost ~]$ sudo cat/etc/passwd
[sudo] password for Zhangbiao: We Trust you have received the usual 

Lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) before you type.
    #3) with the great power comes great responsibility.

The first use will prompt you, you have become Superman, body responsible. And you need to enter a password to get to the next step. If you don't want to enter a password, change the last one to Nopasswd:all.