Mailinglist Archive: opensuse (3100 mails)
| < Previous | Next > |
Re: [SLE] Stupid newbie user rights question
- From: Roger Haxton <rhaxton@xxxxxxxxxx>
- Date: Mon, 13 Mar 2006 08:55:57 -0600
- Message-id: <200603130855.58042.rhaxton@xxxxxxxxxx>
On Monday March 13 2006 08:26, Drew Burchett wrote:
> OK. I understand what you're saying here, but I'm from a Windows
> environment and not really used to Linux permissions. Basically, I have
> three users who are administrators on this server (all my servers
> actually). The whole purpose of authentication against the Active
> Directory is so that I can provide single sign-on capability to these
> users and just give root a complex password that I don't have to give
> out to everyone. If they have to su to do anything on the box, then
> there's really no point in using AD authentication. Is this the case,
> or is there some way I can assign certain permissions to these users?
>
What you're looking for is sudo. You can set it up so that they can have as
much permission (e.g. running only specific commands) or all rights and all
they have to know is their own password if setup correctly. man sudo is your
friend. Also /usr/share/doc/packages/sudo is probably worth perusing.
Remember to use visudo as root to make the changes to the file when you get
ready to implement.
--
~R~
----------------------------------------------------------
If you sit down at a poker game and don't see a sucker, get up. You're
the sucker.
> OK. I understand what you're saying here, but I'm from a Windows
> environment and not really used to Linux permissions. Basically, I have
> three users who are administrators on this server (all my servers
> actually). The whole purpose of authentication against the Active
> Directory is so that I can provide single sign-on capability to these
> users and just give root a complex password that I don't have to give
> out to everyone. If they have to su to do anything on the box, then
> there's really no point in using AD authentication. Is this the case,
> or is there some way I can assign certain permissions to these users?
>
What you're looking for is sudo. You can set it up so that they can have as
much permission (e.g. running only specific commands) or all rights and all
they have to know is their own password if setup correctly. man sudo is your
friend. Also /usr/share/doc/packages/sudo is probably worth perusing.
Remember to use visudo as root to make the changes to the file when you get
ready to implement.
--
~R~
----------------------------------------------------------
If you sit down at a poker game and don't see a sucker, get up. You're
the sucker.
| < Previous | Next > |