Date: Tue, 20 Jul 1999 19:42:36 -0700 (PDT) From: Vincent Poy <vince@venus.GAIANET.NET> To: Ilia Chipitsine <ilia@cgilh.chel.su> Cc: "T. William Wells" <bill@twwells.com>, freebsd-questions@FreeBSD.ORG Subject: Re: how to watch the root user? Message-ID: <Pine.BSF.4.05.9907201941570.331-100000@venus.GAIANET.NET> In-Reply-To: <Pine.BSF.4.05.9907202336390.361-100000@localhost.cgu.chel.su>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 20 Jul 1999, Ilia Chipitsine wrote: There isn't any problems with that one yet... Since the account we want to give the privileges to will be named somethingsales and the shell will just be a script. Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] > oh, i've forgotten. ssh by default also allows login as root :-( > make sure you switched it OFF. > > Regards, (Наилучшие пожелания) > > Ilia Chipitsine (Илья Шипицин) > > On Mon, 19 Jul 1999, Vincent Poy wrote: > > > On Mon, 19 Jul 1999, Ilia Chipitsine wrote: > > > > > look at the sudo program, it's in the ports collection. > > > it has a configuration, which describes which user is allowed > > > to do tasks as a root. > > > > > > but, once you gave somebody all the root's rights, it's not possible to > > > watch what he/she did. > > > > > > do not allow 'sudo' for > > > > > > 1. cp > > > 2. rm > > > 3. dd > > > 4. passwd > > > 5. ? > > > > > > it's not safe at all. > > > > I think we need sudo for just finger, adduser, rmuser, passwd. > > The thing is that I can write a shell script to do all the functions and > > have that as a default shell but how do I call up sudo into the script. > > > > > > Cheers, > > Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] > > GaiaNet Corporation - M & C Estate / / / / | / | __] ] > > Beverly Hills, California USA 90210 / / / / / |/ / | __] ] > > HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] > > > > > > > On Sun, 18 Jul 1999, Vincent Poy wrote: > > > > > > > Speaking about root or limited root, does anyone happen to know > > > > how to give like a account with limited root priviliges such as add/delete > > > > users and changing a users password via a shell that calls up a shell > > > > script but without full access as root. > > > > > > > > > > > > Cheers, > > > > Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ > > > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] > > > > GaiaNet Corporation - M & C Estate / / / / | / | __] ] > > > > Beverly Hills, California USA 90210 / / / / / |/ / | __] ] > > > > HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9907201941570.331-100000>