On Thu, 2006-04-20 at 11:36 +1000, James Gray wrote: > Just because a user can "sudo" doesn't mean they can "sudo <anything>". You > *can* restrict users to only being able to sudo a very specific set of > commands and then even restrict further to options passed to those commands.
Yeah I know, it's one of those mornings where a growing list of "problems" was making me avoid having to do more :-( > > yep, trying to script it :-) > > Bummer - not really an option then. well, I don't have a big problem doing some of this manually as long as I can streamline it a bit. I'd like to keep good control over what's happening with package updates especially. > Double up the security: restrict allowed users AND use key-based auth. :) Agreed, I've learnt a bit about that the hard way recently :-( -- Simon Wong <[EMAIL PROTECTED]> -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
