Board index Unix Admin

Granting root access to defined non-root users...

Granting root access to defined non-root users...

Post by babak.sha.. » Thu, 26 Sep 1996 04:00:00



I am somewhat new to the unix sysadmin world and have a simple
question. Consider the following:

1) Two groups IS and NONIS exist as such:

/etc/group:

IS:*:100:john,joe
NONIS:*:200:mary,jane,...

How would I grant IS people permission to modify all files in NONIS
directories ie. John/Joe making changes in mary/jane's directories.

Keep in mind that only John and Joe should have that privilage.
I thought about using chmod 770 on NONIS directories, but then
that does not quite do the job.

2) We have some consultants that come in and help us out on
different projects. How would I grant them root access without giving
away root password? I've heard of a utility called gsu that allows you
to define nonroot people who can have root access. This way when
the consultant leaves, I can take him out of that list and I don't
have to change root password everytime.

Appreciate all the  help,
Babak Shakib

 
 
 
Top

Granting root access to defined non-root users...

Post by rthr » Sat, 28 Sep 1996 04:00:00



> I am somewhat new to the unix sysadmin world and have a simple
> question. Consider the following:

> 1) Two groups IS and NONIS exist as such:

> /etc/group:

> IS:*:100:john,joe
> NONIS:*:200:mary,jane,...

> How would I grant IS people permission to modify all files in NONIS
> directories ie. John/Joe making changes in mary/jane's directories.

> Keep in mind that only John and Joe should have that privilage.
> I thought about using chmod 770 on NONIS directories, but then
> that does not quite do the job.

> 2) We have some consultants that come in and help us out on
> different projects. How would I grant them root access without giving
> away root password? I've heard of a utility called gsu that allows you
> to define nonroot people who can have root access. This way when
> the consultant leaves, I can take him out of that list and I don't
> have to change root password everytime.

> Appreciate all the  help,
> Babak Shakib


Just add "joe" and "john" to the NONIS group unless you have the umask set
to 644 on the NONIS group. You could also give them "su" privledges.

 
 
 
Top

Granting root access to defined non-root users...

Post by Leon von Staube » Sat, 28 Sep 1996 04:00:00



> 1) Two groups IS and NONIS exist as such:
> /etc/group:
> IS:*:100:john,joe
> NONIS:*:200:mary,jane,...
> How would I grant IS people permission to modify all files in NONIS
> directories ie. John/Joe making changes in mary/jane's directories.
> Keep in mind that only John and Joe should have that privilage.
> I thought about using chmod 770 on NONIS directories, but then
> that does not quite do the job.
> 2) We have some consultants that come in and help us out on
> different projects. How would I grant them root access without giving
> away root password? I've heard of a utility called gsu that allows you
> to define nonroot people who can have root access. This way when
> the consultant leaves, I can take him out of that list and I don't
> have to change root password everytime.

Answer to both questions: sudo. You can grant superuser access to
specific commands for specific users on specific machines.

____________________________________________________________________
Leon von Stauber                        http://www.occam.com/leonvs/



"We have not come to save you, but you will not die in vain!"

 
 
 
Top

1. /*Help*/ Granting non-root users access to svgalib?

Hi,

I'm running a program called zgv, a graphic viewer, that utilizes
svgalib. There is no problem if I'm running it as root. However, if I run
it as non-root users, I got "svgalib: Cannot get I/O permissions."
Could someone please help me with this because I do not like the idea of
running a program as root everytime :-)

Thank you very much.


2. POST prob with apache,not with NCSA

3. Granting access to mounted FAT for non-root users

4. Trables with Squid & ipfwadm

5. run a non-root user's program from a non-root user

6. Netscape problems! Tired of hearing about it yet ?????

7. Root Access to non-root users

8. printf() and rint()

9. RH8 - Problem w/non-root users starting root programs

10. Root priviledges for non-root users

11. root privileges for non-root users

12. Non-root Users Cannot Gain Access

13. How can non-root users access serial ports


All times are UTC
Board index