On Mon, 12 Jun 2000, John Summerfield wrote:
>
> On Standard RHL, one has to be root to create a user.
> Being root, one can also read/write any file on the system, install new
> software, reconfigure sendmail.
>
> As a professional maintaining Linux systems, I'd not want this.
>
> If sudo allows me to partition these responsibilities and delegate them to
> separate areas, then it probably fixes the problem.
>
> PAM is not the right way to go; programs should not have to have this kind
> of security built into them.
>
Oh, if that is what you need then sudo will do it for you. Just add the
usernames to the /etc/sudoers file, and also specify there which commands
they are allow to run. They will then be able to run the commands to add
new users to the system (for example), and whatever they do will also be
logged into /var/log/messages.
--
Nitebirdz
http://www.linuxnovice.org
Tips, articles, news, links...
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
