November 26, 2019

How to list all users with root

To list all users:
cat /etc/passwd | awk -F: '{print $ 1}'
To list all groups:
cat /etc/group | awk -F: '{print $ 1}'
Don't forget to change the root password. If any user has UID 0 besides root, they shouldn't. Bad idea. To check:
grep 'x:0:' /etc/passwd
Again, you shouldn't do this but to check if the user is a member of the root group:
grep root /etc/group
To see if anyone can execute commands as root, check sudoers:
cat /etc/sudoers
To check for SUID bit, which allows programs to be executed with root privileges:
find / -perm -04000
To see who is UID 0:
getent passwd 0
To see who is in groups rootwheel adm and admin:
getent group root wheel adm admin
To list all users and the groups they are members of:
getent passwd | cut -d : -f 1 | xargs groups
Pure root is user id "0".
All the users in the system are in the /etc/passwd file:
less /etc/passwd
Those who are root have "0" as the user id, which is the 3rd column. Those with "0" as the group (4th column) may also have some root privileges.
Next, you'll want to look at the groups, and see who is an additional member of the "root" or "wheel" or "admin" groups:
less /etc/group
Users listed in those groups could have some root privileges, especially via the "sudo" command.
The final thing you will want to check is the "sudo" config and see who is listed as having authorisation to run this command. This file itself is well documented so I won't reproduce it here:
less /etc/sudoers
To print all users
perl -n -e '@user = split /:/ ; print "@user[0]\n";' < /etc/passwd
To print only those users with UID 0, being as others have said, the users with implicit root privileges:
perl -n -e '@user = split /:/ ; print "@user[0]\n" if @user[2] == "0";' < /etc/passwd

How to Disable SELinux on CentOS 8

SELinux or Security-Enhanced Linux is a mechanism or security module that provides access control security policies. In simple terms, it’s a feature or service used for restricting users to certain policies and rules set by the systems administrator.
In this topic, you will learn how to disable SELinux temporarily and later permanently on CentOS 8 Linux.

How to Temporarily Disable SELinux on CentOS 8

Before you start disabling SELinux on CentOS 8, it’s prudent that you first check the status of SELinux.
To do so, run the command:
# sestatus
Check SELinux Status in CentOS 8
Check SELinux Status in CentOS 8
This shows that SELinux is up and running.
To temporarily disable SELinux run the command.
# setenforce 0
Also, you can run the command.
# setenforce Permissive
Either of these commands will temporarily disable SELinux only until the next reboot.

How to Permanently Disable SELinux on CentOS 8

Now, let’s see how we can permanently disable SELinux. The configuration file for SElinux is located at /etc/selinux/config. Therefore, we need to make a few modifications to the file.
# vi /etc/selinux/config
Set the SELinux attribute to disabled as shown below:
Disable SELinux in CentOS 8
Disable SELinux in CentOS 8

Save and exit the configuration file and reboot your CentOS 8 Linux system using any of the commands below.
# reboot
# init 0
# telinit 0
Now check the status of SELinux using the command.
# sestatus
Verify SELinux Status in CentOS 8
Verify SELinux Status in CentOS 8
SELinux is a very crucial feature on CentOS 8 and helps in restricting unauthorized users from accessing certain services on the system.
In this guide, we demonstrated how you can disable SELinux on CentOS 8. Ideally, it’s always recommended to keep SELinux enabled with the exception of instances where you are configuring services that require SELinux to be disabled.

How to Install Docker CE on CentOS 8 and RHEL 8

  Docker  is a daemon-based container engine which allows us to deploy applications inside containers.  Docker is available in two versions,...