Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] allow 'su' to limited users
On Mon, Mar 08, 2004 at 04:27:46PM +0100, Gero Schmidt-K?rst wrote:
> I guess there is a easy possibility to allow the command 'su' only to
> a small group of users. Perhaps someone of you can send me a hint!

Yep:

* add the users to the group 'wheel':

usermod -G wheel tom
usermod -G wheel dick
usermod -G wheel harry

* change the group and permissions on /bin/su so that it can only be
accessed by members of the group 'wheel'

chgrp wheel /bin/su
chmod 4750 /bin/su


I picked the group 'wheel' since this is what, historically, Unix
systems have used for this function.

Cheers,

Paul.

--
Paul Dwerryhouse | PGP Key ID:
Amsterdam, The Netherlands (X) <-> Melbourne, Australia ( ) | 0x6B91B584

< Previous Next >
Follow Ups
References