Allowing Password change
Matt
mcpsv650 at yahoo.com
Thu Oct 2 11:14:17 EDT 2003
I've been trying to allow some users to change
passwords on an AIX box, using sudo, and ran into an
issue. But also *think* I found the answer. I'd just
like to confirm that what I did is "correct"....
OK, so using the example from :
http://www.courtesan.com/sudo/man/sudoers.html#examples
Specifically the following line :
pete HPPA = /usr/bin/passwd [A-z]*,
!/usr/bin/passwd root
this worked, except the users could still do :
$ sudo passwd
IE, without specifying any username. And it was
allowed, and would change the password for root
anyway. After some playing I changed the line to read
:
... = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root,
!/usr/bin/passwd ""
Afterwards, specified users could change the password
for any user except root, and could not just run sudo
passwd...
So, I was just trying to clarify if this is correct
behavior...
Thanks for any tips/info.
=====
__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com
More information about the sudo-users
mailing list