SUMMARY: delegating passwd command use..

From: Marcelo Maraboli (maraboli@itata.disca.utfsm.cl)
Date: Fri Apr 26 1996 - 07:54:19 CDT

Hello admins...

The original query was:

 |Hello admins...
 |
 |I need to delegate to an operator a certain function...
 |
 |that he can CHANGE or ASSIGN passwords for users, but nothing else.
 |
 |I tried changing "/usr/bin/passwd" permissions, and
 |putting the "normal account" into /etc/group in groups like
 |root, sysadmin, sys. but it doesn't let me do
 |
 |passwd user
 |
 |The user CAN though, execute the "vipw" but i don't want him
 |to have that much access.
 |
 |Is there a way to do this without giving him too much permissions?
 |
 |Thanks in advance..

Thanks for the FAST replies...and to these people so far...

 Jason L Tibbitts III <tibbs@hpc.uh.edu>
 Stephen Potter <spp@psa.pencom.com>
 Nicky Ayoub <Nicky.Ayoub@Microchip.COM>
 beeg@mtb.phil.mop.com (Sean Beeg)
 coppeler@psu.ncifcrf.gov (Gary A. Coppeler)
 Michael Blandford <mikey@lanl.gov>
 "Ashish Pant" <Ashish.Pant@ska.com>
 Reto Lichtensteiger <rali@meitca.com>
 Jhon Honce <honce@mamba-e.gsfc.nasa.gov>
 Todd Michael Kennedy <tkennedy@phoenix.csc.calpoly.edu>
 Sahir Siddiqui <sahirns@menger.eecs.stevens-tech.edu>
 Dougal Scott <dwagon@aaii.oz.au>
 Kevin Davidson <tkld@cogsci.ed.ac.uk>
 Brad Young <bbyoung@amoco.com>

The winner was "sudo", which can grant a certain user access to a
certain root command.

Other winners are:
 passwdd, in use at ifi.uio.no
write perl script to run suid and put it under a c wrapper
"super"
 'opcom'
 doas

CAUTION: the delegated person might run "passwd root" as well, so a nice
before-sudo script would be nice.

sudo may be found in many places using archie, or others...

Thanks again you folks...I'll try sudo.. :) 

-- 
Marcelo Maraboli R.                | |----| |-[]-| |----|  C: uCapacitor
                                   | |     C  I   C     |  I: Electronic
Undergraduate Student              | |                  |       Island
Electronic Engineering             | |--------()--------|  V: Voltage
Federico Santa Maria University	   |        V + -          
Chile                              |         "Quantum Electronics"       
                                   | The Beginning of the New Electronic Age
System Operator of disca.utfsm.cl  |        
email:maraboli@disca.utfsm.cl      |  "Quantum Electronics, That's COOL!"
WWW : http://www.disca.utfsm.cl    |  "Shut up, Beavis!" 
--------------------------------------------------------------------------/

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:58 CDT