Friday, 19 July 2013

CentOS 6/RHEL: escalate a user to super user

Most users will need to use the sudo command, with or without the no password option, and this guide runs through setting it up. sudo allows a user to execute almost any command with root privileges. CentOS 6 does not provide sudo access by default, so it needs to be set up manually.

You will need a minimal installation of CentOS 6 with root access and a console text editor.

Vi and Vim commands

To start, log in as root and run the visudo command in the console, which will bring up your editor and the /etc/sudoers file.

# visudo

Scroll down until you find the following line

root     ALL=(ALL) ALL

and add underneath it

user_name   ALL=(ALL) ALL

or

user_name   ALL=(root) ALL

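If you also want to use the sudo command without having to enter a password every time, use the NOPASSWD flag, i.e. the line below. With NOPASSWD:ALL, anything running as that user can become root without a prompt, so grant it only to accounts that need it.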

user_name   ALL=(root) NOPASSWD:ALL

Now scroll down to the bottom of the file and add the following line.

Defaults syslog=local1

Save the file and remove the .tmp file extension so the file is named /etc/sudoers

Now we individualise the logging for any action performed with the sudo command. Open the following file

# vi /etc/rsyslog.conf

and above the line

# The authpriv file has restricted access.
authpriv.*             /var/log/secure

add the following to correspond with your entry in sudoers.

local1.*               /var/log/sudo.log

Save and exit the file, then restart the rsyslog service

$ sudo service rsyslog restart

The extra lines in sudoers ensure that the user can use sudo from any host with any command and also alter the default logging behaviour for the sudo function.
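
An added example, not part of the original post: a small POSIX shell audit of the two files edited above. It lists accounts granted NOPASSWD for all commands and checks that the facility named in Defaults syslog= is actually routed to a file in rsyslog.conf. The function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit the two files edited in this guide.

# Users or %groups granted NOPASSWD for every command.
nopasswd_all() {   # $1 = sudoers file
    awk 'NF && $1 !~ /^#/ && $1 !~ /^Defaults/ &&
         /NOPASSWD:[ \t]*ALL([ \t,]|$)/ { print $1 }' "$1"
}

# Syslog facility named by the last "Defaults syslog=" entry, if any.
sudo_facility() {  # $1 = sudoers file
    awk '$1 == "Defaults" { for (i = 2; i <= NF; i++) if ($i ~ /^syslog=/) {
             f = $i; sub(/^syslog=/, "", f); gsub(/,/, "", f) } }
         END { if (f != "") print f }' "$1"
}

# File that rsyslog writes "<facility>.*" messages to, if any.
facility_target() {  # $1 = rsyslog.conf, $2 = facility
    awk -v sel="$2.*" '$1 == sel { sub(/^-/, "", $2); print $2 }' "$1"
}

audit() {  # $1 = sudoers, $2 = rsyslog.conf
    fac=$(sudo_facility "$1")
    if [ -z "$fac" ]; then
        echo "no Defaults syslog= entry in $1"; return 1
    fi
    dest=$(facility_target "$2" "$fac")
    if [ -z "$dest" ]; then
        echo "$fac is set in sudoers but not routed in $2"; return 1
    fi
    echo "sudo logs via $fac to $dest"
    for who in $(nopasswd_all "$1"); do
        echo "passwordless root: $who"
    done
}

# Constructed sample files mirroring the entries in this guide.
demo=$(mktemp -d)
cat > "$demo/sudoers" <<'EOF'
root        ALL=(ALL) ALL
user_name   ALL=(root) NOPASSWD:ALL
Defaults syslog=local1
EOF
cat > "$demo/rsyslog.conf" <<'EOF'
local1.*               /var/log/sudo.log
authpriv.*             /var/log/secure
EOF
audit "$demo/sudoers" "$demo/rsyslog.conf"
```

On a live system, point audit at /etc/sudoers and /etc/rsyslog.conf as root; a non-zero exit means sudo's log facility is not set or not routed to a file.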