Grant full root permissions to an user

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
-4
down vote

favorite












In /etc/sudoers i added:
%myuser ALL=(ALL) NOPASSWD:ALL



Now if i type sudo apt update i don' t need to type the password.

But i want full root permissions: namely, i want to use only apt update.

The apt is an example i want FULL ROOT PERMISSIONS, another example create/modify files everywhere.

I know that i can log in as root (in some OS), but is not to grant root permissions to an user.



I tried to use the root line (root ALL=(ALL:ALL) ALL) in the myuser line but nothing:
%myuser ALL=(ALL:ALL) ALL



This is my /etc/sudoers file:



#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL:ALL) ALL
scorpion ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

%scorpion ALL=(ALL) NOPASSWD:ALL


I changed the user's UID and GID to 0, but is wrong never do it it will break the user.

Now this is my terminal: I have no name!@my-pc.

I cannot use sudo or su. The root user is not allowed to log in in this system. I' m switching to Debian now i' m on Ubuntu.

I already know how to fix it, log in with CTRL+ALT+F1 and root credentials, then set as before UID and GID.



On Debian initially works but after reboot i can' t login. I cannot change the password passwd: myuser 'myuser' does not exist. So i set as before the UID and GID, i tried to change the password but:



passwd: Authentication token manipulation error
passwd: password unchanged


When i log in i get wrong password.



If is impossible, plan B log in as root but move the /root(home) folder to the home partitions for easier backup and when change/reinstall a OS to be not formatted.






permissions users root







share|improve this question























  • When you start a new shell session, you can just type sudo su - and you will become root and not have to use sudo.
    – Nasir Riley
    Sep 27 at 22:31











  • It's bad practice to modify the root line in the sudoers file. Please undo the edit, and see my answer.
    – eyoung100
    Sep 28 at 2:47














up vote
-4
down vote

favorite












In /etc/sudoers i added:
%myuser ALL=(ALL) NOPASSWD:ALL



Now if i type sudo apt update i don' t need to type the password.

But i want full root permissions: namely, i want to use only apt update.

The apt is an example i want FULL ROOT PERMISSIONS, another example create/modify files everywhere.

I know that i can log in as root (in some OS), but is not to grant root permissions to an user.



I tried to use the root line (root ALL=(ALL:ALL) ALL) in the myuser line but nothing:
%myuser ALL=(ALL:ALL) ALL



This is my /etc/sudoers file:



#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL:ALL) ALL
scorpion ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

%scorpion ALL=(ALL) NOPASSWD:ALL


I changed the user's UID and GID to 0, but is wrong never do it it will break the user.

Now this is my terminal: I have no name!@my-pc.

I cannot use sudo or su. The root user is not allowed to log in in this system. I' m switching to Debian now i' m on Ubuntu.

I already know how to fix it, log in with CTRL+ALT+F1 and root credentials, then set as before UID and GID.



On Debian initially works but after reboot i can' t login. I cannot change the password passwd: myuser 'myuser' does not exist. So i set as before the UID and GID, i tried to change the password but:



passwd: Authentication token manipulation error
passwd: password unchanged


When i log in i get wrong password.



If is impossible, plan B log in as root but move the /root(home) folder to the home partitions for easier backup and when change/reinstall a OS to be not formatted.






permissions users root







share|improve this question























  • When you start a new shell session, you can just type sudo su - and you will become root and not have to use sudo.
    – Nasir Riley
    Sep 27 at 22:31











  • It's bad practice to modify the root line in the sudoers file. Please undo the edit, and see my answer.
    – eyoung100
    Sep 28 at 2:47












up vote
-4
down vote

favorite









up vote
-4
down vote

favorite











In /etc/sudoers i added:
%myuser ALL=(ALL) NOPASSWD:ALL



Now if i type sudo apt update i don' t need to type the password.

But i want full root permissions: namely, i want to use only apt update.

The apt is an example i want FULL ROOT PERMISSIONS, another example create/modify files everywhere.

I know that i can log in as root (in some OS), but is not to grant root permissions to an user.



I tried to use the root line (root ALL=(ALL:ALL) ALL) in the myuser line but nothing:
%myuser ALL=(ALL:ALL) ALL



This is my /etc/sudoers file:



#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL:ALL) ALL
scorpion ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

%scorpion ALL=(ALL) NOPASSWD:ALL


I changed the user's UID and GID to 0, but is wrong never do it it will break the user.

Now this is my terminal: I have no name!@my-pc.

I cannot use sudo or su. The root user is not allowed to log in in this system. I' m switching to Debian now i' m on Ubuntu.

I already know how to fix it, log in with CTRL+ALT+F1 and root credentials, then set as before UID and GID.



On Debian initially works but after reboot i can' t login. I cannot change the password passwd: myuser 'myuser' does not exist. So i set as before the UID and GID, i tried to change the password but:



passwd: Authentication token manipulation error
passwd: password unchanged


When i log in i get wrong password.



If is impossible, plan B log in as root but move the /root(home) folder to the home partitions for easier backup and when change/reinstall a OS to be not formatted.






permissions users root







share|improve this question















In /etc/sudoers i added:
%myuser ALL=(ALL) NOPASSWD:ALL



Now if i type sudo apt update i don' t need to type the password.

But i want full root permissions: namely, i want to use only apt update.

The apt is an example i want FULL ROOT PERMISSIONS, another example create/modify files everywhere.

I know that i can log in as root (in some OS), but is not to grant root permissions to an user.



I tried to use the root line (root ALL=(ALL:ALL) ALL) in the myuser line but nothing:
%myuser ALL=(ALL:ALL) ALL



This is my /etc/sudoers file:



#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL:ALL) ALL
scorpion ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

%scorpion ALL=(ALL) NOPASSWD:ALL


I changed the user's UID and GID to 0, but is wrong never do it it will break the user.

Now this is my terminal: I have no name!@my-pc.

I cannot use sudo or su. The root user is not allowed to log in in this system. I' m switching to Debian now i' m on Ubuntu.

I already know how to fix it, log in with CTRL+ALT+F1 and root credentials, then set as before UID and GID.



On Debian initially works but after reboot i can' t login. I cannot change the password passwd: myuser 'myuser' does not exist. So i set as before the UID and GID, i tried to change the password but:



passwd: Authentication token manipulation error
passwd: password unchanged


When i log in i get wrong password.



If is impossible, plan B log in as root but move the /root(home) folder to the home partitions for easier backup and when change/reinstall a OS to be not formatted.






permissions users root




permissions users root






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 28 at 12:32

























asked Sep 27 at 21:49









Scorpion

475




475











  • When you start a new shell session, you can just type sudo su - and you will become root and not have to use sudo.
    – Nasir Riley
    Sep 27 at 22:31











  • It's bad practice to modify the root line in the sudoers file. Please undo the edit, and see my answer.
    – eyoung100
    Sep 28 at 2:47
















  • When you start a new shell session, you can just type sudo su - and you will become root and not have to use sudo.
    – Nasir Riley
    Sep 27 at 22:31











  • It's bad practice to modify the root line in the sudoers file. Please undo the edit, and see my answer.
    – eyoung100
    Sep 28 at 2:47















When you start a new shell session, you can just type sudo su - and you will become root and not have to use sudo.
– Nasir Riley
Sep 27 at 22:31





When you start a new shell session, you can just type sudo su - and you will become root and not have to use sudo.
– Nasir Riley
Sep 27 at 22:31













It's bad practice to modify the root line in the sudoers file. Please undo the edit, and see my answer.
– eyoung100
Sep 28 at 2:47




It's bad practice to modify the root line in the sudoers file. Please undo the edit, and see my answer.
– eyoung100
Sep 28 at 2:47










3 Answers
3






active

oldest

votes

















up vote
4
down vote













The more secure way to run apt update with root privileges, without typing sudo apt update, would be to add an alias for apt to your user's profile:



  • alias apt='sudo apt'

Then, whenever you run apt update, or apt upgrade, or apt install <pkg>, the apt command will be run with root privileges. But other commands will just run as your normal user, with normal user privileges.



Now, Acknowledging that there are valid reasons why we don't just run all users with root permissions, the following is a way you can give a user all the same permissions as root, that doesn't use sudo.



  • Change the user's UID and GID to 0 with usermod -ou 0 -g 0 <username>

This will change everything your <username> user does to run with root permissions. Everything.



Yes. I know this is massively insecure. But, it does answer the question.



If you choose this route, please do it on a system you don't mind re-installing from time to time. Running everything as root can end up having unforeseen consequences.






share|improve this answer
















  • 3




    The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
    – Doug O'Neal
    Sep 27 at 23:05










  • Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
    – Tim Kennedy
    Sep 27 at 23:07






  • 2




    I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
    – Doug O'Neal
    Sep 27 at 23:09










  • hahaha... that's so true! :D
    – Tim Kennedy
    Sep 27 at 23:17










  • I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
    – Scorpion
    Sep 28 at 8:12


















up vote
0
down vote













You can type sudo -i, then you get an interactive root shell and don't have to type sudo before each command.






share|improve this answer




















  • I want a permanent solution.
    – Scorpion
    Sep 27 at 21:56










  • Then place that command in the user's .profile. Or let the user login as root.
    – RalfFriedl
    Sep 27 at 22:01










  • How can i let the user login as root?
    – Scorpion
    Sep 27 at 22:08










  • I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
    – RalfFriedl
    Sep 27 at 22:17










  • Right, but i don' t want to login as root i want the user to become a "second" root.
    – Scorpion
    Sep 27 at 22:22


















up vote
0
down vote













Using Gentoo's /etc/sudoers file as a default, you have two options:



Option 1:



## sudoers file.
.. snip ..
## User privilege specification
##
root ALL=(ALL) ALL
## Add your user here. This allows you to run all commands as root, 
## not just the update commands.
scorpion ALL=(ALL) ALL
.. snip ..


Option 2:



## sudoers file.
.. snip ..
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
User_Alias UPDATERS = scorpion
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, 
# /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Cmnd_Alias UPDATE = /path/to/apt-get, /path/to/apt
.. snip ..
##
## User privilege specification
##
root ALL=(ALL) ALL
UPDATERS ALL=NOPASSWD: UPDATE


Notes



  1. This example assumes your username is scorpion.

  2. I assume the path to all the apt commands are in /sbin but Gentoo doesn't use apt or apt-get so don't forget to edit.

  3. This can be done without adding Command Aliases, and User Aliases, but IMHO, the aliases make it easier to add commands, and to debug if needed.





share|improve this answer




















  • Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
    – Scorpion
    Sep 28 at 9:03










  • If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
    – eyoung100
    Sep 28 at 9:41










  • Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
    – Scorpion
    Sep 28 at 10:24











  • i can' t tag you any can you post the right configuration?
    – Scorpion
    Oct 2 at 21:17










  • Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
    – eyoung100
    2 days ago










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f471946%2fgrant-full-root-permissions-to-an-user%23new-answer', 'question_page');

);

Post as a guest

















3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
4
down vote













The more secure way to run apt update with root privileges, without typing sudo apt update, would be to add an alias for apt to your user's profile:



  • alias apt='sudo apt'

Then, whenever you run apt update, or apt upgrade, or apt install <pkg>, the apt command will be run with root privileges. But other commands will just run as your normal user, with normal user privileges.



Now, Acknowledging that there are valid reasons why we don't just run all users with root permissions, the following is a way you can give a user all the same permissions as root, that doesn't use sudo.



  • Change the user's UID and GID to 0 with usermod -ou 0 -g 0 <username>

This will change everything your <username> user does to run with root permissions. Everything.



Yes. I know this is massively insecure. But, it does answer the question.



If you choose this route, please do it on a system you don't mind re-installing from time to time. Running everything as root can end up having unforeseen consequences.






share|improve this answer
















  • 3




    The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
    – Doug O'Neal
    Sep 27 at 23:05










  • Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
    – Tim Kennedy
    Sep 27 at 23:07






  • 2




    I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
    – Doug O'Neal
    Sep 27 at 23:09










  • hahaha... that's so true! :D
    – Tim Kennedy
    Sep 27 at 23:17










  • I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
    – Scorpion
    Sep 28 at 8:12















up vote
4
down vote













The more secure way to run apt update with root privileges, without typing sudo apt update, would be to add an alias for apt to your user's profile:



  • alias apt='sudo apt'

Then, whenever you run apt update, or apt upgrade, or apt install <pkg>, the apt command will be run with root privileges. But other commands will just run as your normal user, with normal user privileges.



Now, Acknowledging that there are valid reasons why we don't just run all users with root permissions, the following is a way you can give a user all the same permissions as root, that doesn't use sudo.



  • Change the user's UID and GID to 0 with usermod -ou 0 -g 0 <username>

This will change everything your <username> user does to run with root permissions. Everything.



Yes. I know this is massively insecure. But, it does answer the question.



If you choose this route, please do it on a system you don't mind re-installing from time to time. Running everything as root can end up having unforeseen consequences.






share|improve this answer
















  • 3




    The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
    – Doug O'Neal
    Sep 27 at 23:05










  • Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
    – Tim Kennedy
    Sep 27 at 23:07






  • 2




    I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
    – Doug O'Neal
    Sep 27 at 23:09










  • hahaha... that's so true! :D
    – Tim Kennedy
    Sep 27 at 23:17










  • I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
    – Scorpion
    Sep 28 at 8:12













up vote
4
down vote










up vote
4
down vote









The more secure way to run apt update with root privileges, without typing sudo apt update, would be to add an alias for apt to your user's profile:



  • alias apt='sudo apt'

Then, whenever you run apt update, or apt upgrade, or apt install <pkg>, the apt command will be run with root privileges. But other commands will just run as your normal user, with normal user privileges.



Now, Acknowledging that there are valid reasons why we don't just run all users with root permissions, the following is a way you can give a user all the same permissions as root, that doesn't use sudo.



  • Change the user's UID and GID to 0 with usermod -ou 0 -g 0 <username>

This will change everything your <username> user does to run with root permissions. Everything.



Yes. I know this is massively insecure. But, it does answer the question.



If you choose this route, please do it on a system you don't mind re-installing from time to time. Running everything as root can end up having unforeseen consequences.






share|improve this answer












The more secure way to run apt update with root privileges, without typing sudo apt update, would be to add an alias for apt to your user's profile:



  • alias apt='sudo apt'

Then, whenever you run apt update, or apt upgrade, or apt install <pkg>, the apt command will be run with root privileges. But other commands will just run as your normal user, with normal user privileges.



Now, Acknowledging that there are valid reasons why we don't just run all users with root permissions, the following is a way you can give a user all the same permissions as root, that doesn't use sudo.



  • Change the user's UID and GID to 0 with usermod -ou 0 -g 0 <username>

This will change everything your <username> user does to run with root permissions. Everything.



Yes. I know this is massively insecure. But, it does answer the question.



If you choose this route, please do it on a system you don't mind re-installing from time to time. Running everything as root can end up having unforeseen consequences.







share|improve this answer












share|improve this answer



share|improve this answer










answered Sep 27 at 23:03









Tim Kennedy

13.8k22949




13.8k22949







  • 3




    The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
    – Doug O'Neal
    Sep 27 at 23:05










  • Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
    – Tim Kennedy
    Sep 27 at 23:07






  • 2




    I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
    – Doug O'Neal
    Sep 27 at 23:09










  • hahaha... that's so true! :D
    – Tim Kennedy
    Sep 27 at 23:17










  • I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
    – Scorpion
    Sep 28 at 8:12













  • 3




    The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
    – Doug O'Neal
    Sep 27 at 23:05










  • Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
    – Tim Kennedy
    Sep 27 at 23:07






  • 2




    I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
    – Doug O'Neal
    Sep 27 at 23:09










  • hahaha... that's so true! :D
    – Tim Kennedy
    Sep 27 at 23:17










  • I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
    – Scorpion
    Sep 28 at 8:12








3




3




The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
– Doug O'Neal
Sep 27 at 23:05




The usermod suggestion is the permanent solution the OP is asking for, hence the upvote. I will expect another question soon on how to recover the system after an accidental oops.
– Doug O'Neal
Sep 27 at 23:05












Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
– Tim Kennedy
Sep 27 at 23:07




Everyone has to learn sometime. When I first started using Linux, I must have reinstalled my system almost daily, from screwing something up. Fixing screwups is really a great way to learn. :)
– Tim Kennedy
Sep 27 at 23:07




2




2




I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
– Doug O'Neal
Sep 27 at 23:09




I have told my staff multiple times that you're not a real sysadmin until you have totally destroyed at least one system, often a production server. :)
– Doug O'Neal
Sep 27 at 23:09












hahaha... that's so true! :D
– Tim Kennedy
Sep 27 at 23:17




hahaha... that's so true! :D
– Tim Kennedy
Sep 27 at 23:17












I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
– Scorpion
Sep 28 at 8:12





I already reinstalled the system some times :) now i ' m gonna try the usermod -ou 0 -g 0 <username> change only the UID (as told me before) is a bad idea. The apt is an example i want all root permission, so i can create/modify files everywhere.
– Scorpion
Sep 28 at 8:12













up vote
0
down vote













You can type sudo -i, then you get an interactive root shell and don't have to type sudo before each command.






share|improve this answer




















  • I want a permanent solution.
    – Scorpion
    Sep 27 at 21:56










  • Then place that command in the user's .profile. Or let the user login as root.
    – RalfFriedl
    Sep 27 at 22:01










  • How can i let the user login as root?
    – Scorpion
    Sep 27 at 22:08










  • I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
    – RalfFriedl
    Sep 27 at 22:17










  • Right, but i don' t want to login as root i want the user to become a "second" root.
    – Scorpion
    Sep 27 at 22:22















up vote
0
down vote













You can type sudo -i, then you get an interactive root shell and don't have to type sudo before each command.






share|improve this answer




















  • I want a permanent solution.
    – Scorpion
    Sep 27 at 21:56










  • Then place that command in the user's .profile. Or let the user login as root.
    – RalfFriedl
    Sep 27 at 22:01










  • How can i let the user login as root?
    – Scorpion
    Sep 27 at 22:08










  • I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
    – RalfFriedl
    Sep 27 at 22:17










  • Right, but i don' t want to login as root i want the user to become a "second" root.
    – Scorpion
    Sep 27 at 22:22













up vote
0
down vote










up vote
0
down vote









You can type sudo -i, then you get an interactive root shell and don't have to type sudo before each command.






share|improve this answer












You can type sudo -i, then you get an interactive root shell and don't have to type sudo before each command.







share|improve this answer












share|improve this answer



share|improve this answer










answered Sep 27 at 21:54









RalfFriedl

4,2481725




4,2481725











  • I want a permanent solution.
    – Scorpion
    Sep 27 at 21:56










  • Then place that command in the user's .profile. Or let the user login as root.
    – RalfFriedl
    Sep 27 at 22:01










  • How can i let the user login as root?
    – Scorpion
    Sep 27 at 22:08










  • I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
    – RalfFriedl
    Sep 27 at 22:17










  • Right, but i don' t want to login as root i want the user to become a "second" root.
    – Scorpion
    Sep 27 at 22:22

















  • I want a permanent solution.
    – Scorpion
    Sep 27 at 21:56










  • Then place that command in the user's .profile. Or let the user login as root.
    – RalfFriedl
    Sep 27 at 22:01










  • How can i let the user login as root?
    – Scorpion
    Sep 27 at 22:08










  • I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
    – RalfFriedl
    Sep 27 at 22:17










  • Right, but i don' t want to login as root i want the user to become a "second" root.
    – Scorpion
    Sep 27 at 22:22
















I want a permanent solution.
– Scorpion
Sep 27 at 21:56




I want a permanent solution.
– Scorpion
Sep 27 at 21:56












Then place that command in the user's .profile. Or let the user login as root.
– RalfFriedl
Sep 27 at 22:01




Then place that command in the user's .profile. Or let the user login as root.
– RalfFriedl
Sep 27 at 22:01












How can i let the user login as root?
– Scorpion
Sep 27 at 22:08




How can i let the user login as root?
– Scorpion
Sep 27 at 22:08












I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
– RalfFriedl
Sep 27 at 22:17




I just set a password for root and can login as root. If your distribution disables root login, you should find out how it is done and undo it. Or at least mention what distribution you are using.
– RalfFriedl
Sep 27 at 22:17












Right, but i don' t want to login as root i want the user to become a "second" root.
– Scorpion
Sep 27 at 22:22





Right, but i don' t want to login as root i want the user to become a "second" root.
– Scorpion
Sep 27 at 22:22











up vote
0
down vote













Using Gentoo's /etc/sudoers file as a default, you have two options:



Option 1:



## sudoers file.
.. snip ..
## User privilege specification
##
root ALL=(ALL) ALL
## Add your user here. This allows you to run all commands as root, 
## not just the update commands.
scorpion ALL=(ALL) ALL
.. snip ..


Option 2:



## sudoers file.
.. snip ..
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
User_Alias UPDATERS = scorpion
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, 
# /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Cmnd_Alias UPDATE = /path/to/apt-get, /path/to/apt
.. snip ..
##
## User privilege specification
##
root ALL=(ALL) ALL
UPDATERS ALL=NOPASSWD: UPDATE


Notes



  1. This example assumes your username is scorpion.

  2. I assume the path to all the apt commands are in /sbin but Gentoo doesn't use apt or apt-get so don't forget to edit.

  3. This can be done without adding Command Aliases, and User Aliases, but IMHO, the aliases make it easier to add commands, and to debug if needed.





share|improve this answer




















  • Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
    – Scorpion
    Sep 28 at 9:03










  • If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
    – eyoung100
    Sep 28 at 9:41










  • Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
    – Scorpion
    Sep 28 at 10:24











  • i can' t tag you any can you post the right configuration?
    – Scorpion
    Oct 2 at 21:17










  • Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
    – eyoung100
    2 days ago














up vote
0
down vote













Using Gentoo's /etc/sudoers file as a default, you have two options:



Option 1:



## sudoers file.
.. snip ..
## User privilege specification
##
root ALL=(ALL) ALL
## Add your user here. This allows you to run all commands as root, 
## not just the update commands.
scorpion ALL=(ALL) ALL
.. snip ..


Option 2:



## sudoers file.
.. snip ..
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
User_Alias UPDATERS = scorpion
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, 
# /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Cmnd_Alias UPDATE = /path/to/apt-get, /path/to/apt
.. snip ..
##
## User privilege specification
##
root ALL=(ALL) ALL
UPDATERS ALL=NOPASSWD: UPDATE


Notes



  1. This example assumes your username is scorpion.

  2. I assume the path to all the apt commands are in /sbin but Gentoo doesn't use apt or apt-get so don't forget to edit.

  3. This can be done without adding Command Aliases, and User Aliases, but IMHO, the aliases make it easier to add commands, and to debug if needed.





share|improve this answer




















  • Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
    – Scorpion
    Sep 28 at 9:03










  • If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
    – eyoung100
    Sep 28 at 9:41










  • Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
    – Scorpion
    Sep 28 at 10:24











  • i can' t tag you any can you post the right configuration?
    – Scorpion
    Oct 2 at 21:17










  • Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
    – eyoung100
    2 days ago












up vote
0
down vote










up vote
0
down vote









Using Gentoo's /etc/sudoers file as a default, you have two options:



Option 1:



## sudoers file.
.. snip ..
## User privilege specification
##
root ALL=(ALL) ALL
## Add your user here. This allows you to run all commands as root, 
## not just the update commands.
scorpion ALL=(ALL) ALL
.. snip ..


Option 2:



## sudoers file.
.. snip ..
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
User_Alias UPDATERS = scorpion
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, 
# /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Cmnd_Alias UPDATE = /path/to/apt-get, /path/to/apt
.. snip ..
##
## User privilege specification
##
root ALL=(ALL) ALL
UPDATERS ALL=NOPASSWD: UPDATE


Notes



  1. This example assumes your username is scorpion.

  2. I assume the path to all the apt commands are in /sbin but Gentoo doesn't use apt or apt-get so don't forget to edit.

  3. This can be done without adding Command Aliases, and User Aliases, but IMHO, the aliases make it easier to add commands, and to debug if needed.





share|improve this answer












Using Gentoo's /etc/sudoers file as a default, you have two options:



Option 1:



## sudoers file.
.. snip ..
## User privilege specification
##
root ALL=(ALL) ALL
## Add your user here. This allows you to run all commands as root, 
## not just the update commands.
scorpion ALL=(ALL) ALL
.. snip ..


Option 2:



## sudoers file.
.. snip ..
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
User_Alias UPDATERS = scorpion
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, 
# /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Cmnd_Alias UPDATE = /path/to/apt-get, /path/to/apt
.. snip ..
##
## User privilege specification
##
root ALL=(ALL) ALL
UPDATERS ALL=NOPASSWD: UPDATE


Notes



  1. This example assumes your username is scorpion.

  2. I assume the path to all the apt commands are in /sbin but Gentoo doesn't use apt or apt-get so don't forget to edit.

  3. This can be done without adding Command Aliases, and User Aliases, but IMHO, the aliases make it easier to add commands, and to debug if needed.






share|improve this answer












share|improve this answer



share|improve this answer










answered Sep 28 at 3:27









eyoung100

4,6951441




4,6951441











  • Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
    – Scorpion
    Sep 28 at 9:03










  • If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
    – eyoung100
    Sep 28 at 9:41










  • Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
    – Scorpion
    Sep 28 at 10:24











  • i can' t tag you any can you post the right configuration?
    – Scorpion
    Oct 2 at 21:17










  • Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
    – eyoung100
    2 days ago
















  • Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
    – Scorpion
    Sep 28 at 9:03










  • If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
    – eyoung100
    Sep 28 at 9:41










  • Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
    – Scorpion
    Sep 28 at 10:24











  • i can' t tag you any can you post the right configuration?
    – Scorpion
    Oct 2 at 21:17










  • Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
    – eyoung100
    2 days ago















Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
– Scorpion
Sep 28 at 9:03




Option is not working is similar to use the root line for my user. Option 2 is for apt only right? i want to grant full root permissions not only apt.
– Scorpion
Sep 28 at 9:03












If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
– eyoung100
Sep 28 at 9:41




If you want full permission everywhere then add your user to the sudo group, aka wheel, and remove the comment on the line starting %sudo ALL = ALL... with the nopasswd option. It may read %wheel. You cannot do what your asking, as sudo sets the proper permissions bit, and the UID/GID of 0 should always belong to root as @TimKennedy pointed out.
– eyoung100
Sep 28 at 9:41












Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
– Scorpion
Sep 28 at 10:24





Could you clarify? Yes UID and GID should belong to root, but Tim has only said "Yes. I know this is massively insecure" the problem is that it doens' t work, it will break the user. I removed the comment now i can' t use sudo. Can you post the right configuration?
– Scorpion
Sep 28 at 10:24













i can' t tag you any can you post the right configuration?
– Scorpion
Oct 2 at 21:17




i can' t tag you any can you post the right configuration?
– Scorpion
Oct 2 at 21:17












Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
– eyoung100
2 days ago




Follow @TimKennedy's answer, and set your UID and GID to zero, thereby replacing the root user with your user. The reason it's "massively insecure" is because you have removed all safety measures. See What's wrong with always being root? Before I can advise you on the proper configuration, should you decide against Tim's answer I need to know what distribution you're using.
– eyoung100
2 days ago

















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f471946%2fgrant-full-root-permissions-to-an-user%23new-answer', 'question_page');

);

Post as a guest
































































-

Popular posts from this blog

How to check contact read email or not when send email to Individual?

Image
Clash Royale CLAN TAG #URR8PPP up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Sep 26 at 0:12 ToanLuong 49 9 add a comment  |  up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Se
Read more

Bahrain

Image
For other uses, see Bahrain (disambiguation). Sovereign island state in the Persian Gulf Kingdom of Bahrain مملكة البحرين   (Arabic) Mamlakat al-Baḥrayn Flag Coat of arms Anthem:  نشيد البحرين الوطني Bahrainona Our Bahrain Location of   Bahrain    (circled in red) Capital and largest city Manama 26°13′N 50°35′E  /  26.217°N 50.583°E  / 26.217; 50.583 Official languages Arabic Ethnic groups (2010 [1] ) 50.7% Arab (46% Bahrani, 4.7% other Arabs) 45.5% Asian 1% European 1.2% Others Religion Islam Demonym(s) Bahraini Government Unitary constitutional monarchy • King Hamad bin Isa Al Khalifa • Crown Prince Salman bin Hamad bin Isa Al Khalifa • Prime Minister Khalifa bin Salman Al Khalifa Legislature National Assembly • Upper house Consultative Council • Lower house Council of Representatives Independence • Declared Independence [2] 14 August 1971 • from United Kingdom [1] 15 August 1971 • Admitted to the United Nations 21 September 1971 • Kingdom of Bahrain 14 February 2002
Read more

Postfix configuration issue with fips on centos 7; mailgun relay

Image
Clash Royale CLAN TAG #URR8PPP up vote 0 down vote favorite I am trying to setup postfix to relay all mail generated on the local machine via SMTP to a mailgun relay. I have used the mailgun relay before with success on an ubuntu server, but I am migrating to a Centos 7 server which I will be running in FIPS mode. There error log is below, slightly sanitized. I have a small enough network that I choose to have each machine reach out to mailgun individually (this the loopback-only, 127.0.0.0/8 restrictions) and no firewall open port allowing smtp in to the machine. I assume the FIPS mode (and with it disabling of MD5) is causing problems, but I don't know how to overcome it or if it is even possible for tls_fprint to use some supported hash such as sha256 or sha512. However, the relay=none is slightly concerning since I have relayhost set, but perhaps that is because the smtp process is failing? Any help would be appreciated! postconf -n: alias_database = hash:/etc/alia
Read more