[prev in list] [next in list] [prev in thread] [next in thread]
List: aix-l
Subject: Re: locking who can use the su command down
From: James Cizek <jcizek () YUMA ! ACNS ! COLOSTATE ! EDU>
Date: 2009-07-22 21:52:44
Message-ID: 200907222152.n6MLqiq893010 () yuma ! acns ! colostate ! edu
[Download RAW message or body]
This was exactly what I was looking for. Many thanks to all who answered,
and to Edward for help with my solution! -James
>
> James,
>
> In the "root" stanza of "/etc/security/user", add lines for "su = true" and \
> "sugroups = comma,separate,list,of,groups"
> This will allow only users in those groups to use /usr/bin/su to switch user to \
> root. I believe this can be done using the chuser command, since it is safer to \
> edit this file by "ch" commands rather than with vi.
>
> Edward Davignon
> Lead Analyst - Distributed Systems Unix
> Utility Shared Services - IT
> Energy East Corporation
>
>
> -----Original Message-----
> From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU] On Behalf Of James Cizek
> Sent: Monday, July 20, 2009 4:16 PM
> To: aix-l@Princeton.EDU
> Subject: locking who can use the su command down
>
> This may seem like a very simple question and maybe I am missing something...
> I'd like to (by default) not allow users on my AIX 5.3 box the ability
> to "su" to root. There are only about 6 accounts that I care to allow
> a root su to... Is it possible to discriminate between letting some user
> account su up to root and not others? Many thanks in advance!!
>
> James Cizek (970)491-7432
> System Administrator FAX (970)491-1958
> Colorado State University james@ColoState.EDU
> Academic Computing and Networking Services
> Fort Collins, CO 80523
>
>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic