Gentoo Archives: gentoo-security

From: Christian Schwede <cschwede@×××××××××××.de>
To: Robert Ullrich <roul76@×××.de>
Cc: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Prevent users to login directly
Date: Wed, 28 Jul 2004 07:08:05
Message-Id: D42B12AE-E064-11D8-B56D-000A95CD75DC@delphi-gmbh.de
In Reply to: Re: [gentoo-security] Prevent users to login directly by Robert Ullrich
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 Am 28.07.2004 um 08:52 schrieb Robert Ullrich:
5 >> That's the point of sudo - they don't _need_ to know the root
6 >> password.
7 >> Users x, y and z can all run emerge using their own password, which
8 >> is a
9 >> (default) option in sudoers.
10 >
11 > The point is: I won't let every user emerge. Only "root" and "emerge"
12 > should be allowed
13
14 Then use visudo to let only the admin users use sudo for emerge. For
15 example, we have different admin groups with different privilege
16 levels. Some admins are allowed to do all, some not. Works very fine
17 with sudo.
18
19 Regards, Christian
20
21
22 - ------------------------------------------------------------------------
23 - ----------
24 Christian Schwede
25 Netzwerkadministration
26
27 delphi Business Information Consultants GmbH
28 Hans-Henny-Jahnn-Weg 9
29 22085 Hamburg, GERMANY
30
31 Tel: 040 284186-61
32 Fax: 040 284186-90
33 mailto Christian.Schwede@×××××××××××.de
34
35 visit us at: http://www.delphi-gmbh.de
36
37 GPG/PGP Key ID: 6B00DAAB, Fingerprint:
38 879D D5E8 63C5 B89D 8363 9121 AB6A 37A4 6B00 DAAB
39 - ------------------------------------------------------------------------
40 - ----------
41
42 -----BEGIN PGP SIGNATURE-----
43 Version: GnuPG v1.2.4 (Darwin)
44
45 iD8DBQFBB1DFq2o3pGsA2qsRAvbvAJ0bXY5PcBhHzuCrY753mwdTC7ffpACeMt37
46 +4lEoY7PrMElAXylchUOROo=
47 =cv9U
48 -----END PGP SIGNATURE-----
49
50
51 --
52 gentoo-security@g.o mailing list