Stephen Carville wrote:

>On Monday 17 November 2008 20:30, [EMAIL PROTECTED] wrote:
>
>[snip]
>
>  
>
>>Just test as the following rule is successfuly:
>>
>>SYSADM    MH = (ALL)    USER,NOROOT
>>BUT there is another problem of it ( I think it is a bug of sudo ).....
>>
>>When you enter "sudo passwd" without the option (eg:userid):
>>
>>[EMAIL PROTECTED] ~]$ sudo passwd
>>Changing password for user root.
>>New UNIX password:
>>
>>OH...the user manager who can change root password ?
>>
>>So, is there any solution for this case of problem ?
>>    
>>
>
>Require a username be entered for passwd.
>
>USER           /usr/bin/passwd [A-z0-1]
>NOROOT !/usr/bin/passwd root
>
>SYSADM  MH=(ALL)   USER,NOROOT
>
Hello,

Just test the rules, BUT the result is fail:

[EMAIL PROTECTED] ~]$ sudo passwd
[sudo] password for manager:
Sorry, user manager is not allowed to execute '/usr/bin/passwd' as root
on edsvr.
[EMAIL PROTECTED] ~]$ sudo passwd root
[sudo] password for manager:
Sorry, user manager is not allowed to execute '/usr/bin/passwd root' as
root on edsvr.
[EMAIL PROTECTED] ~]$ sudo passwd edward
[sudo] password for manager:
Sorry, user manager is not allowed to execute '/usr/bin/passwd edward'
as root on edsvr.

So, how can we disable any user for changing the root password ?

Thanks !

Edward.
-- 
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Reply via email to