Allowing Password change

Matt mcpsv650 at
Thu Oct 2 11:14:17 EDT 2003

I've been trying to allow some users to change
passwords on an AIX box, using sudo, and ran into an
issue.  But also *think* I found the answer.  I'd just
like to confirm that what I did is "correct"....

OK, so using the example from :
Specifically the following line :
pete           HPPA = /usr/bin/passwd [A-z]*,
!/usr/bin/passwd root

this worked, except the users could still do :
$ sudo passwd
IE, without specifying any username.  And it was
allowed, and would change the password for root
anyway.  After some playing I changed the line to read
... = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root,
!/usr/bin/passwd ""

Afterwards, specified users could change the password
for any user except root, and could not just run sudo

So, I was just trying to clarify if this is correct
Thanks for any tips/info.


Do you Yahoo!?
The New Yahoo! Shopping - with improved product search

More information about the sudo-users mailing list