[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Prevent log in as root



It would appear that on Apr 24, Richard Kurth did say:

> Is there a way to Prevent anyone from logging in as root. I what them
> to only log in as admin and su to root. What would I change to make
> this work?

I don't believe you can limit what (any user who can provide su with the
root password) can do...

I'm not an expert on sudo, but I think it may be more suitable for what
you want to do than su... (I'm sure someone here would help you
understand how to selectively limit the sudo permissions for "admin" to
the tasks you actually need them to do.) But do give man sudo a look see. 

I've never needed sudo because my linux box is really a single user
machine where I do all my own admin tasks, so for me su works. But I
would NOT even think of letting anyone else have the root password. 

If you can actually "trust" them with such nuclear access as the root
password, then I'd suggest "asking" them to comply with the admin su to
root policy. If they can't be "trusted" that far, then you *really* don't
want to trust them with the root password et all.

Remember to any unix: root="can_do_anything!"

-- 
|				      ---   ---
|     Joe (theWordy) Philbrook	      <o>   <o>
|	   J(tWdy)P			  ^
|	<<jtwdyp ttlc net>>		/---\	"bla bla bla..."
|					\___/	"...and bla..."

   At least I know my mouth is running, I just can't find the off button!



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]