From owner-freebsd-questions Tue Jul 20 19:43:15 1999 Delivered-To: freebsd-questions@freebsd.org Received: from venus.GAIANET.NET (venus.GAIANET.NET [207.211.200.51]) by hub.freebsd.org (Postfix) with ESMTP id D3F0715422 for ; Tue, 20 Jul 1999 19:43:06 -0700 (PDT) (envelope-from vince@venus.GAIANET.NET) Received: from localhost (vince@localhost) by venus.GAIANET.NET (8.9.3/8.9.3) with ESMTP id TAA42049; Tue, 20 Jul 1999 19:42:36 -0700 (PDT) (envelope-from vince@venus.GAIANET.NET) Date: Tue, 20 Jul 1999 19:42:36 -0700 (PDT) From: Vincent Poy To: Ilia Chipitsine Cc: "T. William Wells" , freebsd-questions@FreeBSD.ORG Subject: Re: how to watch the root user? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: 8BIT Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 20 Jul 1999, Ilia Chipitsine wrote: There isn't any problems with that one yet... Since the account we want to give the privileges to will be named somethingsales and the shell will just be a script. Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] > oh, i've forgotten. ssh by default also allows login as root :-( > make sure you switched it OFF. > > Regards, (Наилучшие пожелания) > > Ilia Chipitsine (Илья Шипицин) > > On Mon, 19 Jul 1999, Vincent Poy wrote: > > > On Mon, 19 Jul 1999, Ilia Chipitsine wrote: > > > > > look at the sudo program, it's in the ports collection. > > > it has a configuration, which describes which user is allowed > > > to do tasks as a root. > > > > > > but, once you gave somebody all the root's rights, it's not possible to > > > watch what he/she did. > > > > > > do not allow 'sudo' for > > > > > > 1. cp > > > 2. rm > > > 3. dd > > > 4. passwd > > > 5. ? > > > > > > it's not safe at all. > > > > I think we need sudo for just finger, adduser, rmuser, passwd. > > The thing is that I can write a shell script to do all the functions and > > have that as a default shell but how do I call up sudo into the script. > > > > > > Cheers, > > Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] > > GaiaNet Corporation - M & C Estate / / / / | / | __] ] > > Beverly Hills, California USA 90210 / / / / / |/ / | __] ] > > HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] > > > > > > > On Sun, 18 Jul 1999, Vincent Poy wrote: > > > > > > > Speaking about root or limited root, does anyone happen to know > > > > how to give like a account with limited root priviliges such as add/delete > > > > users and changing a users password via a shell that calls up a shell > > > > script but without full access as root. > > > > > > > > > > > > Cheers, > > > > Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ > > > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] > > > > GaiaNet Corporation - M & C Estate / / / / | / | __] ] > > > > Beverly Hills, California USA 90210 / / / / / |/ / | __] ] > > > > HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message