I am working on unix server, right now i have a task to do which is to create 7 users, 3 of them must have the same privilige of the root user and the rest to be normal users (i.e they are not allowed to perform any of the root commands nor create or edit any file).....is there anyway to do this..its urgent please......

Thanks for your help.

The simplest and most horrifying method is to give the users a UID of 0. That's the key. The slightly less horrifying method is to limit access to the su(1M) via a specific group that is assigned to the binary and those users also share. Finally, you might consider the sudo utility.

You can create multiple users with the same uid? What effects does this have?

It has the effect of making things very confusing, but there are situations where it can "make sense". For example, I support an environment where one customer can drop-off and pickup files via FTP or Kermit (over Telnet). Operational requirements are such that multiple accounts with different passwords be maintained, but as far as my system is concerned, all files are from the same customer. The "telnet" account is restricted to a BBS-style menu whereas the "FTP" account is chroot'd into another directory.

When you do an ls -l, the username associated with the first entry with the duplicate UID in /etc/passwd is displayed. Other than that, it's just the same user with two different ways of accessing the system.

To your original posting, however, it would make more sense for auditing purposes if all users "requiring root access" had a non-root account, then su'd to root either through sudo or by creating a specific group which all members belong to as well as the group on the su command. Then, limit execution of su to root (the owner) and, historically, wheel (the group).

Confusing, no?