Create new linux account as a user without root access

linux not-root-user useradd account-restrictions
16,141

Solution 1

Boot up into a system rescue CD. Or, if your root account is locked, boot to single-user mode (add 1 to the end of the boot command). Other than that, no. Could you imagine how insecure that would make a system?

Solution 2

It requires writing in some files. Which happen to be writable only by root. So use a setuid root binary like sudo or be root.

If the system is not being used, just mount the hard driver and edit manually the files you need, there should be binaries on the system to edit the password file/groups and such. I'm more a BSD user so I don't know the names but look for vipw/adduser/useradd/usermgmt/etc.

Are you sure you really need to do that? Managing user is part of the administrator's tasks, so root is the way to go. If someone else can modify system files, there's a security problem.

Solution 3

No. Generally speaking, the unix permission model only has two levels: root, and the rest. Root can do everything, and non-root users each have their own domain. Non-root users cannot create subdomains inside their security domain.

There is a way to create security domains as an ordinary user: run a virtual machine of some kind (VirtualBox, User Mode Linux, …). You can isolate applications running in the VM to your heart's content.

Share:
16,141

Related videos on Youtube

Simone
Author by

Simone

Updated on September 18, 2022

Comments

  • Simone
    Simone almost 2 years

    Is it possible to create a non-root Linux user account without being logged in as a root user and without using sudo?

    • Nils
      Nils over 12 years
      Why do you want to do this - what is your need?
  • Simone
    Simone over 12 years
    I don't see any security threat in that. I just want to create an user account with the same privilege I have in my account while I'm logged with my account
  • Michael Mrozek
    Michael Mrozek over 12 years
    @Simone You could make dozens of accounts so it's hard for the admin to kick you off the system. Or make a second account and store all your illegal files there. Or just make new accounts to get around per-user restrictions like disk quotas
  • Karlson
    Karlson over 12 years
    @Simone A comment like this is likely to get you fired in any shop that actually has computer systems helping you make money.
  • Kevin
    Kevin over 12 years
    @Nils Yes, but not the root of his system. My understanding of runlevel 1 is that it requires a password if and only if root has one, but it's possible I'm mistaken. And yes, the boot menu should be protected, but we all know that's not always going to be the case.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I create and grant a normal user with root privileges?
Is it safe to use /bin/cat as shell for a restricted user?
Don't require root to add printers
How to get list of available wireless networks without being root
No home directory, logging in with HOME=/
Add new user with permissions same as existing user
What variables are valid within /etc/default/useradd file?
server unexpectedly closed network connection Putty after useradd
Pass password to adduser command
Useradd with given password