RE: [opensuse] limiting users who can use su
On Wednesday 14 November 2007 20:50:40 James D. Parra wrote:
Hello,
Is there a way to control which user accounts can use 'su' when using ssh? I want only a couple of users to be able to change to root when using ssh.
Unfortunately, Richard Stallman wants everyone who can log in to a machine to have root access (see the end comment in "info:su"), so there is no built-in way in su of doing this What you can do is to change the ownership of /bin/su to the group "wheel", change the permissions on it to 4750, and add the users you want to have access to the wheel group Or, alternatively, you can remove access to su completely, and use sudo instead, which does allow more fine grained control, through /etc/sudoers ~~~~ Thank you. This is very helpful. ~James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James D. Parra wrote:
On Wednesday 14 November 2007 20:50:40 James D. Parra wrote:
Hello,
Is there a way to control which user accounts can use 'su' when using ssh? I want only a couple of users to be able to change to root when using ssh.
Unfortunately, Richard Stallman wants everyone who can log in to a machine to have root access (see the end comment in "info:su"), so there is no built-in
way in su of doing this
This is one place where I think he's gone too far. While hackers, such as him, believe that anyone should have free run of a system, such a position is simply unrealistic in a business, medical or government environment, particularly when privacy concerns are involved. Does he believe anyone should be able to look up someone else's HR record? Or medical data? -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
James D. Parra wrote:
On Wednesday 14 November 2007 20:50:40 James D. Parra wrote:
Hello,
Is there a way to control which user accounts can use 'su' when using ssh? I want only a couple of users to be able to change to root when using ssh.
Unfortunately, Richard Stallman wants everyone who can log in to a machine to have root access (see the end comment in "info:su"), so there is no built-in
way in su of doing this
This is one place where I think he's gone too far. While hackers, such
as him, believe that anyone should have free run of a system, such a position is simply unrealistic in a business, medical or government environment, particularly when privacy concerns are involved. Does he believe anyone should be able to look up someone else's HR record? Or medical data?
Agreed. Stallman's never worked outside of academia. If I own a business, then it's well within my rights to allow some employees root access, and to deny it to others. Why? Because *I* own the machine, not Richard Stallman. The addittions to GPL from version 2 to Version 3 are...well, nice in an ideal world, but, entirely unrealistic in the actual world, and, I fear, counter-productive in the long run. This is why Linus decided not keep the kernal under v2. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Aaron Kulkis
-
James D. Parra
-
James Knott