[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [sudo-users] How to disable ( deny ) user to change the password of root



Michael Schwendt wrote:
On Wed, 19 Nov 2008 12:52:30 +0800, edwardspl wrote:

  
Dear All,

For /usr/bin/upasswd :

#!/bin/sh

# Validate that a username was given as an argument
[ -n "$1" ] || {
echo "Use: upasswd <username>" >&2
exit 64
}

# Validate that the username wasn't "root"
[ "$1" != "root" ] || {
echo "Can't set the root user's password" >&2
exit 77
}

# Use -- to make sure that the "username" given wasn't just
# a switch that passwd would interpret.
# THIS ONLY WORKS ON GNU SYSTEMS.
passwd -- "$1"

For visudo :
SYSADM MH = (ALL) /usr/bin/upasswd
    

Even if you rely on sudo's default environment variables restrictions and
safety checks, prefer absolute paths when executing tools like
/usr/bin/passwd
  
Hello,

Sorry, I don't quite understanding what is your means...

Thanks !

Edward.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]