Stephen Carville wrote: >On Monday 17 November 2008 20:30, [EMAIL PROTECTED] wrote: > >[snip] > > > >>Just test as the following rule is successfuly: >> >>SYSADM MH = (ALL) USER,NOROOT >>BUT there is another problem of it ( I think it is a bug of sudo )..... >> >>When you enter "sudo passwd" without the option (eg:userid): >> >>[EMAIL PROTECTED] ~]$ sudo passwd >>Changing password for user root. >>New UNIX password: >> >>OH...the user manager who can change root password ? >> >>So, is there any solution for this case of problem ? >> >> > >Require a username be entered for passwd. > >USER /usr/bin/passwd [A-z0-1] >NOROOT !/usr/bin/passwd root > >SYSADM MH=(ALL) USER,NOROOT > Hello,
Just test the rules, BUT the result is fail: [EMAIL PROTECTED] ~]$ sudo passwd [sudo] password for manager: Sorry, user manager is not allowed to execute '/usr/bin/passwd' as root on edsvr. [EMAIL PROTECTED] ~]$ sudo passwd root [sudo] password for manager: Sorry, user manager is not allowed to execute '/usr/bin/passwd root' as root on edsvr. [EMAIL PROTECTED] ~]$ sudo passwd edward [sudo] password for manager: Sorry, user manager is not allowed to execute '/usr/bin/passwd edward' as root on edsvr. So, how can we disable any user for changing the root password ? Thanks ! Edward.
-- fedora-list mailing list [email protected] To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
