Chapter 4 . Learning Basic Administration 133 as (Web server application)
Chapter 4 . Learning Basic Administration 133 as the root user s PATH variable will be used. If you become the root user by just typing su, rather than su -, you won t change directories or the environment of the current login session. You can also use the su command to become a user other than root. This is useful for troubleshooting a problem that is being experienced by a particular user, but not by others on the computer (such as an inability to print or send e-mail). For example, to have the permissions of a user named jsmith, you d type the following: $ su - jsmith Even if you were root user before you typed this command, afterward you would have only the permissions to open files and run programs that are available to jsmith. As root user, however, after you type the su command to become another user, you don t need a password to continue. If you type that command as a regular user, you must type the new user s password. When you are finished using superuser permissions, return to the previous shell by exiting the current shell. Do this by pressing Ctrl+D or by typing exit. If you are the administrator for a computer that is accessible to multiple users, don t leave a root shell open on someone else s screen (unless you want to let that person do anything he wants to the computer)! Allowing Limited Administrative Access As mentioned earlier, when you run GUI tools as a regular user (from Red Hat Linux, SUSE, or some other Linux systems), you are prompted for the root password before you are able to access the tool. By entering the root password, you are given root privilege for that one task, without being root user for every task you do from that desktop session. A particular user can also be given administrative permissions for particular tasks without being given the root password. For example, a system administrator can add a user to particular groups, such as modem, disk, users, cdrom, ftp, mail, or www, and then open group permission to use those services. Or, an administrator can add a user to the wheel group and add entries to the /etc/sudoers file to allow that user to use the sudo command to run individual commands as root. (See the description of sudo later in this chapter.) A fairly new feature being added to some Linux distributions used in highly secure environments is Security Enhanced Linux (SELinux). With SELinux, instead of one all-powerful root user account, multiple roles can be defined to protect selected files and services. In that way, for example, if someone hacks into your Web server, he does not automatically have access to your mail server, user passwords, or other services running on the computer.
Note: If you are looking for cheap webhost to host and run your apache application check Vision apache web hosting services