Re: [sudo-users] How to disable ( deny ) user to change the password of root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Michael Schwendt wrote:
On Tue, 18 Nov 2008 08:36:56 -0800, Gordon Messmer wrote:

  
passwd-wrapper:
#!/bin/sh

# Validate that a username was given as an argument
[ -n "$1" ] || {
	echo "Use: passwd-wrapper <username>" >&2
	exit 64
}

# Validate that the username wasn't "root"
[ "$1" != "root" ] || {
	echo "Can't set the root user's password" >&2
	exit 77
}

# Use -- to make sure that the "username" given wasn't just
# a switch that passwd would interpret.
# THIS ONLY WORKS ON GNU SYSTEMS.
passwd -- "$1"
    
Don't let users run this via sudo unless you execute tools with
absolute path --> /usr/bin/passwd  

  
Hello,

Do you means there is some problem / security with this shell scripts ?
BUT, only some of special user who can running some of cmd via sudo...
eg: System Admin ( manager ) and Support Term...

Thank for your care...

Edward.
-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux