> > > > > > root:x:0:root,"your loginname" > > > ... > > I don't like that. It seems unsafe to me. There's gotta be > > a better solution > > > > Currently, I am putting in special users in /etc/suauth > > but I only know the syntax for making su ask for the current > > users passwd, and not root's. Would like to prompt it to > > ask for root's password. Workaround anyone? > > > > Roger Endo > > > yep, its safer to but the usernames in suauth > > looks like (file /etc/suauth): > > root:ALL EXCEPT login1,login2:DENY > > or > > root:ALL EXCEPT login1,login2,GROUP root:DENY > > watch out! keyword GROUP let the parser know that all words behind GROUP > are group names - only the ":" escapes. > the examples let the users login1 and login2 and all users in group root > (2nd examp.) to get root access by enter the roots password, all others > will receive the message access denied. > > root:login1:NOPASS > root:login2:OWNPASS > root:ALL EXCEPT login3:DENY > > let the user login1 get root access without passwd > the user login2 have to put in his own passwd and > the user login3 have to use the root passwd all other user cant get in > > so if you want the users login1 login2 and login3 to be promted for the > root password you use: > > root:ALL EXCEPT login1,login2,login3:DENY > > hope that helps > > ciao Helmuth (irc: Pvppet) > > ______ Blasch Helmuth, Graz University of Technology, Austria > \ / Computing and Information Services Center > L\in/uX Steyrergasse 30/Parterre (CE04), 8010 Graz, Austria > \/ Email: [EMAIL PROTECTED] Tel.: + 43 316 873 6883 (FAX 7699) > > > -- > TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to > [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] > OK to chmod 640 suauth? What other files in the debian distribution in /etc can be made more unreadable by the world? Seems like a shell user can learn a lot by snooping around in /etc (i.e hosts.deny, hosts.allow)
Thanks, Roger -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Roger Endo President, Warp 9 Technologies LLC SBnet, Internet for Santa Barbara [EMAIL PROTECTED] 805-961-0150 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
