Dirk Moolman wrote:
I am trying to setup sudo rights on a specific user (username: test), to use the command: useradd
I have not used sudo before, and I played around with /etc/sudoers a bit, but I keep getting the error:
useradd -c "JUST A TEST USER" -d /home/test -s /usr/bin/ksh test2 Cannot lock password file: already locked.
My sudoers file looks like this currently:
/etc/sudoers
# create group LIMITEDTRUST with user test as a member User_Alias LIMITEDTRUST=test Cmnd_Alias PROGRAMS=/usr/sbin/useradd,/usr/bin/ksh ^^^^^^^^^^^^^
Are you crazy???? You realize that by giving a user sudo access to ANY shell (or even an editor which can spawn a shell, like vi), that you are giving the user permission to run ANY program.
# members in the group LIMITEDTRUST are allowed to use sudo only with the commands listed in cmnd alias PROGRAMS
#LIMITEDTRUST ALL=PROGRAMS, NOPASSWD:PROGRAMS LIMITEDTRUST ALL = ALL
I am using Suse SLES9.
What do I need to do / change to get user "test" to be able to use "useradd" ?
Getting useradd to work is the least of your worries at the moment -- Get that ksh command out of there, or else you will find one of your systems TOTALLY screwed up when some user discovers that you're allowing them to run a shell as super-user (root). -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org