Most users will need to use the sudo command with or without the no password option and this guide runs through setting this up. It allows a user to execute almost any command with root privileges. Centos 6 does not provide sudo access by default so it needs to be set up manually.
You will need the a minimal version of Centos 6 installed with root access and a console text editor.
Vi and Vim commands
To start, log in as root and run the visudo command in the console, which will bring up your editor and the /etc/sudoers file.
# visudo
Scroll down until you find the following line
root ALL=(ALL)ALL
and add underneath it
user_name ALL=(ALL)ALL
or
user_name ALL=(root)ALL
If you also want to use the sudo command without having to enter the root password all the time then use the NOPASSWD flag ie
user_name ALL=(root) NOPASSWD:ALL
Now scroll down to the bottom of the file and add the following line.
Defaults syslog=local1
Save the file and remove the .tmp file extension so the file is named /etc/sudoers
Now we individualise the logging for any action performed when using the sudo command, open the following file
# vi /etc/rsyslog.conf
and above the line
# The authpriv file has restricted access.
authpriv.*
/var/log/secure
add the following to correspond with your entry in sudoers.
local1.* /var/log/sudo.log
Save and exit the file & restart the syslog service
$ sudo service rsyslog restart
The extra lines in sudoers ensure that the user can use sudo from any host with any command and also alter the default logging behaviour for the sudo function.
Labels: Centos 6, escalate user to super user, RHEL