Date: Fri, 26 May 2006 10:52:53 +1000 From: Mikhail Goriachev <mikhailg@webanoide.org> To: Sean Murphy <smurphy@calarts.edu> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: Re: SUDO Help password change deligation question Message-ID: <44765165.4060702@webanoide.org> In-Reply-To: <44763C47.8020706@calarts.edu> References: <44763C47.8020706@calarts.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Sean Murphy wrote: > I would like to not give root access but enable a user account (not in > wheel) to change user passwords with passwd username command. I just > would like to delegate the password changing ability to someone else but > not give them super user privileges other then passwd. Would this be > something sudo can do? can you restrict what accounts passwords they > can change for instance everyone but system root and my account? Yes, sudo can limit the access of what to execute. However, I'd write my own little script (passwd wrapper) that checks whose account is being modified. Then you can prevent misuse. Cheers, Mikhail. -- Mikhail Goriachev Webanoide Telephone: +61 (0)3 62252501 Mobile Phone: +61 (0)4 38255158 E-Mail: mikhailg@webanoide.org Web: http://www.webanoide.org PGP Key ID: 0x4E148A3B PGP Key Fingerprint: D96B 7C14 79A5 8824 B99D 9562 F50E 2F5D 4E14 8A3B
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44765165.4060702>