Limiting users SU ability
Hi All Is it possible to turn off certain users ability to "su" either to root only or to any other user? I would apreciate some direction on this. Regards Nigel Gaylard
Sure... make su group executeable only by a "trusted" group and remove all privs for *other* - Herman Nigel Gaylard wrote:
Hi All
Is it possible to turn off certain users ability to "su" either to root only or to any other user? I would apreciate some direction on this.
Regards
Nigel Gaylard
On Wed, Jul 09, 2003 at 06:56:48AM +0100, Nigel Gaylard wrote:
Hi All
Is it possible to turn off certain users ability to "su" either to root only or to any other user? I would apreciate some direction on this.
Don't give them the passwords. If these users have to do some root things man sudo
Regards
Nigel Gaylard
Greetings Johannes -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
Don't give them the passwords. If these users have to do some root things man sudo
Yes, better use sudo, because there you can configure many things more! Edit the /etc/sudoers and add user to group trusted. In the config and with the "man <Command>" command you will find useful help. We use sudo for the local ftp-admin group for usermanagement and testing the load of the ftp (pure-ftp). At our faculty we use it to allow users to restart the licenseserver service, which often crashes. Philippe
participants (4)
-
Herman Knief
-
Johannes Bretscher
-
Nigel Gaylard
-
Philippe Vogel