Creating a Super user Account

Jerry McAllister jerrymc at msu.edu
Tue Oct 10 14:32:34 PDT 2006 

On Tue, Oct 10, 2006 at 01:57:54PM -0400, alena eckert wrote:

> Hello,
> 
>  
> 
> I work for United Automobile Insurance Group.  We recently had our only
> employee with a super user account leave the company.  No here knows
> this employees id or password to update information.  Can you please
> advise how we can create new accounts and give someone a super user
> account without this information?

Look up information on booting in to "single user" mode.
When you do this, you are effectively in root at the console
with no network services or extra stuff running.

Then, you merely need to:
      make sure the filesystems are clean     - fsck(8)
      remount root with reae/write permission - mount(8)
      mount other filesystems you might need  - mount(8)
      might as well turn on swap space        - swapon(8) 
      
eg.
     fsck -p
     mount -u /
     mount -a
     swapon -a

At this point you can use vipw(8)  to add an account
and passwd(1) to set or change passwords.

vipw is a special version of the 'vi' editor that handles the 
passwd file.  It takes care of locks, and updating the master 
passwd file and the password database so you don't have to do
anything with them by hand.   The editing rules in vipw are the
same as in regular vi.

The ideal thing is to copy the line with the root account on it
and then dup it.   Change the id name field and possible the home
directory if you want to keep them separate.  Then once you get
out of vipw with a 'ESC : w q' (no spaces, I just put them there
to be clear) which cause the changes to be written to the file,
you then need to run  passwd  to set a password on the new account.

  passwd newid

follow the prompts.

Then, edit the /etc/group file and put your regular non-root id
in the wheel group - just add it on the end of the list if any with
a comma separating it from previous ones.

Then, reboot.
    shutdown -r now

log in as your regular id - that you just added to wheel group.
then su to the new root id to do root work.

  su newid
then give the newid password when it asks.

When you get done with the work, leave the root account by typing
  exit      at a system shell prompt

This is better and a small amount more secure than setting a password
on the regular root account.   But, you can just put a password on
the root account and su to it - just do the su without an id on the
line.

////jerry

> 
> Thank you in advance,
> 
> Alena
> 
> (305) 940-7299 ext. 2422
>

More information about the freebsd-questions mailing list