Re: shadow password

26 Nov 1996 10:10:48 -0000 

On Mon, 25 Nov 1996, Roger Endo wrote:
> > On Tue, 26 Nov 1996, Fundamental wrote:
> > 
> > > I recently intsalled the shadow password packages to my system, everything
> > > seems to be going well accept for one minor hassle, my "normal" account 
> > > cant
> > > become super-user.  When i try i get the message that i do not have
> > > permission to do so.  How do i get the permission?
> > 
> > you have to be in group root
> > 
> > file group:
> > 
> > root:x:0:root,"your loginname"
> > ...
> I don't like that.  It seems unsafe to me.  There's gotta be
> a better solution
> 
> Currently, I am putting in special users in /etc/suauth
> but I only know the syntax for making su ask for the current
> users passwd, and not root's.  Would like to prompt it to
> ask for root's password.  Workaround anyone?
> 
> Roger Endo                            


yep, its safer to but the usernames in suauth

looks like (file /etc/suauth):

root:ALL EXCEPT login1,login2:DENY

or

root:ALL EXCEPT login1,login2,GROUP root:DENY

watch out! keyword GROUP let the parser know that all words behind GROUP
are group names - only the ":" escapes.
the examples let the users login1 and login2 and all users in group root
(2nd examp.) to get root access by enter the roots password, all others
will receive the message access denied.

root:login1:NOPASS
root:login2:OWNPASS
root:ALL EXCEPT login3:DENY

let the user login1 get root access without passwd
the user login2 have to put in his own passwd and
the user login3 have to use the root passwd all other user cant get in

so if you want the users login1 login2 and login3 to be promted for the
root password you use:

root:ALL EXCEPT login1,login2,login3:DENY

hope that helps

                                               ciao Helmuth (irc: Pvppet)

 ______    Blasch Helmuth,    Graz University of Technology, Austria
 \    /           Computing and Information Services Center 
 L\in/uX   Steyrergasse 30/Parterre (CE04), 8010 Graz, Austria
   \/      Email: [EMAIL PROTECTED]  Tel.: + 43 316 873 6883 (FAX 7699)


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]

Reply via email to