SUMMARY: permissions

From: Hisham Al Saad <ahisham_at_batelco.com.bh>
Date: Fri Jan 18 2002 - 02:04:19 EST
Thanks to all who replayed :
"Mike's List"  <mikelist@sky.net>
"Chong Wan" <wanchong@asiainfo.com>
"John Tan" <John.Tan@asx.com.au>
"Lito A. Lampitoc" <ral@codewan.com.ph
"Februarie Randall" <FebruarieR@aforbes.co.za>

Original post at the end.

Answer is Yes, it is possible.
Most of replies suggested to use "sudo", can be downloaded from
www.sunfreeware.com .
Use visudo to add a line giving that user permission to use
/usr/bin/passwd as root.  With this, this user can then "sudo passwd" to
change other peoples' passwords.  Lock that guy within a shell or menu such
that this be his only option, and you'd have what you want.  (Otherwise, he
may do other stuff that regular users may do - only have root privileges for
passwd).


Another suggestion was in the following steps:-
1. add a user in the system
2. use command 'setfacl'  to grant passwd file privilege to the user
3. change the shell of the user to the a shell script or a c program which
function is to change user's password (optional). in this case, the user
could only execute automatically the program you specified and could do
nothing else.


----- Original Message -----
> Hi,
> I'm trying to create a user account on Solaris 8 who has ONLY the right to
> change other users passwords, nothing else he should be able to do.
> Is this possible, and if Yes, how ?
> Thanks
> Hisham
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Fri Jan 18 01:05:19 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:32 EST