[sudo-users] restrict passwd command

Ladner, Eric (Eric.Ladner) Eric.Ladner at chevron.com
Tue Nov 22 12:54:16 EST 2005

You might be better off just leaving the suid bit on the passwd command.

I don't think the sudoers file macros and wildcarding can do that type
of substitution.


-----Original Message-----
From: sudo-users-bounces at courtesan.com
[mailto:sudo-users-bounces at courtesan.com] On Behalf Of Mark F
Sent: Tuesday, November 22, 2005 11:45 AM
To: sudo-users at sudo.ws
Subject: [sudo-users] restrict passwd command

Our policy restricts setuid to as little as possible usage.  I've
removed the setuid permissions from the /bin/passwd as I thought I could
use it with sudo instead.

I'd like to allow any user to run passwd but only with an argument that
is their username.

Is this possible?  or is there a better way?


sudo-users mailing list <sudo-users at sudo.ws> For list information,
options, or to unsubscribe, visit:

More information about the sudo-users mailing list