How to restrict the root user in Luci WebUi without modifying rpcd configuration file

The LuCI web UI should not allow the root user; instead, it can use other users for login.

The LuCI ui requires root privileges to perform root operations. You can add further logins by modifying the rpcd configuration file. There is no way without modifying it.

@jow Yes, I am able to log in with newly added users. But my goal is to restrict the root user from LuCI web UI access. Is there any option available, like changing .js or .lua files?

Simply remove the root user login from /etc/config/rpcd

Will any unpredictable behavior happen if we remove the root user from the rpcd configuration file? Could you also explain how this rpcd configuration file works?

No unpredictable behavior. Not sure what you mean by the question how it works. It specifies a number of accounts which are permitted to log in. The read and write options tie ACL rulesets to the account. The asterisk * is a wildcard and applies all existing ACL rules. The write ACL list grants access to operations that modify the system state (changing settings, bringing interfaces up/down, uploading, removing files etc.) while the read ACL list grants read-only access (being able to view configuration, status, interfaces etc.).

There's some info for that at https://openwrt.org/docs/techref/ubus#acls

ACL rules used by LuCI can be found at https://github.com/openwrt/luci/blob/master/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json (each further module or application ships ACL rules for its own operations).

Unless you do not plan to add a login that only has access to parts of LuCI, there is no need for fine-grained ACL control and it is enough to simply use * for read and write.

You can install luci-app-acl for a graphical ui to manage logins.
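
The login sections and read/write ACL lists described above can be checked with a small audit script. This is an added example, not part of the thread or of OpenWrt's own tooling; the function names and the `admin` and `viewer` accounts in the sample config are assumptions.

```shell
#!/bin/sh
# Constructed sample: root's login section removed, two hypothetical accounts remain.
sample_rpcd_config() {
    cat <<'EOF'
config rpcd
    option socket /var/run/ubus/ubus.sock
    option timeout 30

config login
    option username 'admin'
    option password '$p$admin'
    list read '*'
    list write '*'

config login
    option username 'viewer'
    option password '$p$viewer'
    list read '*'
EOF
}

# Print one line per login section: <username> read=<acls> write=<acls>
rpcd_logins() {
    awk -v q="'" '
    BEGIN { qre = "^[\"" q "]|[\"" q "]$" }
    function unquote(s) { gsub(qre, "", s); return s }
    function emit() {
        if (in_login) printf "%s read=%s write=%s\n", user, rd, wr
        in_login = 0; user = "(none)"; rd = "-"; wr = "-"
    }
    $1 == "config" { emit(); in_login = (unquote($2) == "login"); next }
    in_login && $1 == "option" && $2 == "username" { user = unquote($3) }
    in_login && $1 == "list" && $2 == "read"  { rd = (rd == "-" ? "" : rd ",") unquote($3) }
    in_login && $1 == "list" && $2 == "write" { wr = (wr == "-" ? "" : wr ",") unquote($3) }
    END { emit() }
    ' "$1"
}

# Exit 0 if some login section names the given user, 1 otherwise.
rpcd_user_can_login() {
    rpcd_logins "$1" | awk -v u="$2" '$1 == u { found = 1 } END { exit !found }'
}

# Print the user names whose write ACL list contains the "*" wildcard.
rpcd_full_write_users() {
    rpcd_logins "$1" | awk '{ n = split(substr($3, 7), a, ",")
        for (i = 1; i <= n; i++) if (a[i] == "*") { print $1; break } }'
}
```

On a device, `rpcd_user_can_login /etc/config/rpcd root` returning non-zero confirms that no login section for root remains after the edit.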


I meant: is this rpcd configuration file used only for login purposes, or for anything else?

I just asked since I am not sure whether removing the root user from the rpcd file will result in any misbehavior.

As per your comments, I understand that this rpcd file is used for login purposes only, right?

Well, it defines some global rpcd settings as well, the default session timeout and the ubus socket path (see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/system/rpcd/files/rpcd.config). Apart from that it only covers logins.

This config login section is used only for login purposes, right? Is it part of the above-mentioned rpcd settings and all?

Yes, login sections are only used for login purposes.

Ok. Thanks for your reply.