& Nbsp; generally, you can log on as the root user to configure the system administrator by running the "su-" command and entering the correct root password. However, to further enhance the security of the system, it is necessary to establish an administrator group that only allows users in this group to execute the "su-" command.
Generally, you can log on as the root user to configure the system as administrator by executing the "su-" command and entering the correct root password. However, in order to further enhance the security of the system, it is necessary to establish an administrator group that only allows users in this group to execute the "su-" command to log on as the root user, users in other groups cannot log on as root even if they execute "su-" and enter the correct root password. In UNIX, the group name is usually "wheel ".
[Root @ sample ~] # Usermod-G wheel CentOSpub worker add the general user CentOSpub to the administrator Group's wheel Group
[Root @ sample ~] # Vi/etc/pam. d/su Hei open this configuration file
# Auth required/lib/security/$ ISA/pam_wheel.so use_uid locate this line and remove "#"
Bytes
Auth required/lib/security/$ ISA/pam_wheel.so use_uid restart changes to this state (approximately at the location of the 6th rows)
[Root @ sample ~] # Echo "SU_WHEEL_ONLY yes">/etc/login. defs statement: add the statement to the end of the row.
After completing the preceding operations, you can create a new user. then, you can use the new user to test the user. if the user is not added to the wheel Group, run the "su-" command, even if you enter the correct root password, you cannot log on as the root user.