[techtalk] Users, groups, admins, roots...
Britta Koch
bkoch at rz.uni-osnabrueck.de
Wed Apr 19 17:21:45 EST 2000
>> You cannot duplicate root. You can, however, duplicate some of root's
>> functions using sudo. I've never personally done it, but I know it can
>> be done.
>
>Hmm, that disagrees with my story. But since I've been out of sysadmin work for about 6 months now I may well be in the wrong. If so, sorry for the bad advice.
The man page to sudo is very informative on that ;)
With sudo, you can make groups of people and / or of certain commands and specify which people are allowed to use which
commands - with or without typing in their own password.
Example: I allowed the user britta to issue "make" anywhere with root permissions, but I have to enter my own password.
I also allowed that user to do shutdown without being asked for the password.
That's on my box at home that only I use, so it's ok. Other people might not want to do it!
So, sudo is actually a way to allow people certain admin things without actually telling them the root password (or, in my case,
without having to do a "su " before turning off my box).
There is actually a special wrapper around vi (visud) that first verifies the file for errors - so it apperars to be safe enough.
HTH,
Britta
More information about the Techtalk
mailing list