Su – user doesn’t work for users without a password

authenticationrootsuusers

I've created a user on CentOS with useradd -M username. Now, I want to become that user just like su - username.

It asks me for a password for that user but I didn't set a password for that user. As a workaround, I have to become root then su - username works obviously.

First, I thought it asks for a root password but it is not the case. Any ideas?

Best Answer

After creating the account with the command useradd you need to run the following command as root to set a password for this newly created account:

$ passwd <username>

Sudo

If you're absolutely positive that you, (userZ), want to become another user (userX) without providing userX's password, AND you don't want to have to become root first then you're likely looking for sudo.

The CentOS Wiki does a very good job of covering this entire topic that you're asking about here in this articled titled: How To Become Root.

Here's a synopsis.

  1. You want the ability to do anything as root, such as, becoming other users, without providing their password. Add the following rule to your sudoers file, /etc/sudoers. NOTE: You edit the sudoers file using the command visudo as root!

    userZ    ALL=(ALL)       ALL

    The above approach will still challenge you for userZ's password. You can get rid of this protection by adding this rule to sudoers instead.

    userZ ALL=NOPASSWD: ALL

  2. You want to parcel out the ability to only become a specific user using sudo.

    userZ ALL=(root) NOPASSWD: /bin/su - userX

    NOTE: The above can also be done so that userZ has to use their password to run the su command too. The above only let's userZ become userX, nothing more.

Related Question