After posting my Summary, I recieved lots of replies that suggest using "Role Based Access Control" (RBAC) on Solaris 8. Thanks again for your help.:=) ----- Original Message ----- From: "Hisham Al Saad" <ahisham@batelco.com.bh> To: <sunmanagers@sunmanagers.org> Sent: Friday, January 18, 2002 10:04 AM Subject: SUMMARY: permissions > Thanks to all who replayed : > "Mike's List" <mikelist@sky.net> > "Chong Wan" <wanchong@asiainfo.com> > "John Tan" <John.Tan@asx.com.au> > "Lito A. Lampitoc" <ral@codewan.com.ph > "Februarie Randall" <FebruarieR@aforbes.co.za> > > Original post at the end. > > Answer is Yes, it is possible. > Most of replies suggested to use "sudo", can be downloaded from > www.sunfreeware.com . > Use visudo to add a line giving that user permission to use > /usr/bin/passwd as root. With this, this user can then "sudo passwd" to > change other peoples' passwords. Lock that guy within a shell or menu such > that this be his only option, and you'd have what you want. (Otherwise, he > may do other stuff that regular users may do - only have root privileges for > passwd). > > > Another suggestion was in the following steps:- > 1. add a user in the system > 2. use command 'setfacl' to grant passwd file privilege to the user > 3. change the shell of the user to the a shell script or a c program which > function is to change user's password (optional). in this case, the user > could only execute automatically the program you specified and could do > nothing else. > > > ----- Original Message ----- > > Hi, > > I'm trying to create a user account on Solaris 8 who has ONLY the right to > > change other users passwords, nothing else he should be able to do. > > Is this possible, and if Yes, how ? > > Thanks > > Hisham > _______________________________________________ > sunmanagers mailing list > sunmanagers@sunmanagers.org > http://www.sunmanagers.org/mailman/listinfo/sunmanagers _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Sat Jan 19 01:54:18 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:32 EST