On Fri, Apr 16, 2004 at 09:48:26AM -0400, Matthew Miller wrote: > On Fri, Apr 16, 2004 at 02:58:27PM +0200, Miloslav Trmac wrote: > > > My patch implements what I call a "sudo-like" behavior (although it is > > > much simpler than sudo). Each program, through its console.apps config > > > file, can have a list of groups whose members are able to authorize as > > > themselves. Anyone not a member of the approved groups either must give > > > the root password (or the password of a given user, or is denied access > > > completely via a new <none> value). > > Shoudn't this be already possible using PAM (e.g. pam_listfile)? > I don't think so. How would you do it? The selection of user account to > authorize against (root, or <user>, or even some other account) happens at a > earlier/higher level. Ah, sorry. I have misread what you want to do. Mirek
