1 |
Why not use sudo? Then you can just |
2 |
|
3 |
# sudo <command_to_run> |
4 |
|
5 |
in your case |
6 |
|
7 |
# sudo emerge system |
8 |
|
9 |
If you don't want to run emerge as root, then you can change the sudoers |
10 |
file to have it run under your "emerge" user. Finally, to disable |
11 |
logins put an asterix in the second field of the shadow file for the |
12 |
emerge user. Then no one can login as there is no password and only |
13 |
root can su to the "emerge" user. But I believe sudo runs suid root so |
14 |
it should be able to take care of it...Of course, I haven't actually |
15 |
tried this part yet...so maybe it won't work. |
16 |
|
17 |
~Michael |
18 |
|
19 |
John Servo wrote: |
20 |
> add a giant password to the user with "mkpasswd <insert giant random |
21 |
> characters or a passage from a book or something>" so that cracking is |
22 |
> out of the question? |
23 |
> |
24 |
> and by the way you dont need the -, it's just "su emerge" |
25 |
> |
26 |
> On Wed, 2004-07-28 at 00:12, Robert Ullrich wrote: |
27 |
> |
28 |
>>Hi all, |
29 |
>> |
30 |
>>for the whole emerge-action I created a user "emerge" to keep me from |
31 |
>>su-ing to "root". Now I want to prevent this user to login directly into the |
32 |
>>system. Instead of that the only way to login should be a "su - emerge". |
33 |
>>What could I do? |
34 |
>> |
35 |
>>regards - Rob |
36 |
>> |
37 |
>>-- |
38 |
>>gentoo-security@g.o mailing list |
39 |
> |
40 |
> |
41 |
|
42 |
|
43 |
-- |
44 |
gentoo-security@g.o mailing list |