|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| UNIX for Advanced & Expert Users Advanced UNIX and Linux questions go here. Expert-to-Expert. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| sudoers | tjmannonline | UNIX for Dummies Questions & Answers | 4 | 05-13-2008 06:45 PM |
| Sudoers problems. | blane | UNIX for Advanced & Expert Users | 5 | 04-09-2008 02:18 PM |
| sudoers on HP 11.11 | dhlopomo | UNIX for Dummies Questions & Answers | 2 | 01-18-2008 03:03 AM |
| sudoers file | whatisthis | Linux | 4 | 12-02-2004 02:59 PM |
| /etc/sudoers is mode 0660 | pneumeric | UNIX for Dummies Questions & Answers | 4 | 10-08-2003 10:14 PM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Search this Thread | Display Modes |
|
#1
04-27-2005
|
|||
|
|||
|
sudoers syntax
I'm stuck with a dilemma. I am trying to control userid's access to the su command in such a way that he will not be able to su to root (su, su -, su root, su - root) but he will be able to su to any other user. I have tried the following syntax:
Code:
userid ALL=/usr/bin/su ?*, !/usr/bin/su *root* Code:
Cmnd_Alias SU_TO_ROOT = /usr/bin/su, /usr/bin/su -, /usr/bin/su *root*, /usr/bin/su - *root* userid ALL=ALL, !SU_TO_ROOT 
|
| Forum Sponsor | ||
|
|
|
#2
11-11-2005
|
|||
|
|||
|
Group Access?
While I've never tried this with *root*, you could make another group called sutoroot and add this to roots list of groups. Then (at least on AIX) you can restrict by group which groups are authorized to su to this user.
Just one thought
|
|||
| Google The UNIX and Linux Forums |
Linear Mode
