[NCLUG] Sudo
Onyx
onyx at frii.net
Thu Aug 10 07:51:22 MDT 2006
Hi NCLUGers,
When using 'sudo', does anyone know of an efficient way to setup the
sudoers file so that a particular group (ie: wheel) can execute all root
commands, but cannot become root (through the means 'su' or any other form).
I tried defining something like the following, but it didn't seem to do
the trick.
<SNIP>
Cmnd_Alias SU = /usr/bin/su
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
/usr/local/bin/tcsh, /usr/bin/rsh, \
/usr/local/bin/zsh
%wheel ALL=ALL, !SU, !SHELLS
</SNIP>
Any help would be appreciated. Thank you!
- Onyx Mueller
More information about the NCLUG
mailing list