Stephen Carville wrote:
Hello to you,On Monday 17 November 2008 00:49, edwardspl ita org mo wrote:Dear All, For the sudo setting ( visudo ) : User_Alias SYSADM = manager Cmnd_Alias NOROOT = !/usr/bin/passwd root Cmnd_Alias USER = /usr/sbin/adduser, /usr/bin/passwd, /bin/chown, /usr/sbin/userdel SYSADM MH = (ALL) NOROOT,USER BUT the test result as the following : [manager xxx ~]$ sudo passwd root Changing password for user root. New UNIX password: So, what wrong of the config ?I think the exception has to be after the allowed rule: SYSADM MH = (ALL) USER,NOROOT It's been while since I checked that part of the code...
Just test as the following rule is successfuly:
SYSADM MH = (ALL) USER,NOROOTBUT there is another problem of it ( I think it is a bug of sudo ).....
When you enter "sudo passwd" without the option (eg:userid):
[manager xxx ~]$ sudo passwd
Changing password for user root.
New UNIX password:
OH...the user manager who can change root password ?
So, is there any solution for this case of problem ?