Date: Thu, 01 Feb 2001 23:24:36 +0100 From: Christoph Sold <so@server.i-clue.de> To: Micke Josefsson <mj@isy.liu.se> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: About delegating account creation Message-ID: <3A79E224.51068730@i-clue.de> References: <XFMail.010201102556.mj@isy.liu.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Micke Josefsson schrieb: > > I am root on a server. And as such I can create new accounts. Now if am away can > I delegate account creation to someone else without also giving him/her the > means of creating havoc with the system? > > Would it be enough to include this person into, say, the wheel group? (as the pw > an vipw command are owned by root:wheel). Can I do chmod 660 on > /etc/master.passwd or is that a bad thing? > > How does one do this 'in real life'? How about /usr/ports/security/sudo? This way, you may delegate root rights for a single command to any user or group. I'd delegate adduser to somebody trusted. Anyhow, if you can use adduser, you can create another root account for you, so why not trust her with a root password? HTH -Christoph Sold To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A79E224.51068730>