sudoers file : prevention of su to root
Parson, David
David.Parson at PacifiCorp.com
Mon Oct 8 15:37:58 EDT 2001
Folks:
I have been trying to write a generic sudoers file to prevent most folks
{note: most, but not all} from doing a "su -, su, ...". I think you get the
idea in that in most cases don't care if folks use "sudo su someone", but
that they be prevented from doing any kind of su to root shell.
Someone was kind enough to send me the syntax with some ideas on how to
implement this, but some of the syntax won't work and what does will not
prevent a su to root.
thanks
--David
-----Original Message-----
From: Matthew Hannigan [mailto:mlh at zip.com.au]
Sent: Monday, October 08, 2001 12:14 PM
To: sudo-users at courtesan.com
Subject: [Fwd: equiv of "su -"]
Anyone?
mlh at zip.com.au wrote:
>
> All,
> I want sudo root shell to run .profile.
>
> What is the sudo equivalent to "su -" ?
>
> Besides "sudo su -" that is. Because
> for RUNAS users, you would have to allow
> them to run su as root, and restrict them
> somehow to su - RUNASUSER.
>
> Regards,
> -Matt
>
> ---------------------------------------------
> This message was sent using Endymion MailMan.
> http://www.endymion.com/products/mailman/
____________________________________________________________
sudo-users mailing list <sudo-users at courtesan.com>
For list information, options, or to unsubscribe, visit:
http://www.courtesan.com/mailman/listinfo/sudo-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/sudo-users/attachments/20011008/144f3878/attachment.html>
More information about the sudo-users
mailing list