Date: Fri, 12 Apr 2002 00:56:45 -0700 (PDT) From: Annelise Anderson <andrsn@andrsn.stanford.edu> To: Lord Raiden <raiden23@netzero.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Setting user execution rights Message-ID: <Pine.BSF.4.10.10204120055290.85434-100000@andrsn.stanford.edu> In-Reply-To: <4.2.0.58.20020412014309.0095d460@pop.netzero.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 12 Apr 2002, Lord Raiden wrote: > Ok, I'm curious of something. How do I set it so that a given user has > permission to execute program X and Y and look at a few files or logs on a > given server yet not to anything else? I've got some servers I'm looking > to lock down but to do so means that I have to login as root each time I > need to do maintenance, and I hate being woke at 3am to bounce apache > because there was a power glitch or something or Ldap bit the dust. I want > to set it so that certain users have rights to execute, kill, restart > certain programs, and view certain files without giving them any privileges > above and beyond that. So for example user "joedoe" will be able to logon > as "joedoe" and start/kill/restart apache and view the apache logs, but > nothing else. A task normally only available to root. Joe Doe #2 would > have rights to do the same with FTPD and view/edit/delete web content under > "usr/local/www/data" and nothing more. > > It's been so long since I've had to do this that I've gone stupid. Can > someone refresh me on how to do this? Thanks. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message sudo (in ports) is one commonly used program (a substitute for su) to give administrators access to some stuff and not other stuff. You can set it up for "who gets to do what." Annelise -- Annelise Anderson Author of: FreeBSD: An Open-Source Operating System for Your PC Available from: BSDmall.com and amazon.com Book Website: http://www.bittreepress.com/FreeBSD/introbook/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10204120055290.85434-100000>