"Your manager should have it, but NO ONE ELSE, EVER." Are you a frakking idiot? managers should never have root password. have you ever seen what managers DO for a living? On Fri, Jun 5, 2009 at 5:19 PM, mark <m.roth2006@xxxxxxx> wrote: > Ezra Taylor wrote: > > You can also make sure that you are the only one that knows the password. > > Doing a su - root requires a password. If your users don't know the root > > password, they will not be able to access the root account. Also, as > > another of our list members stated, put only users you what to have sudo > > access in a group(ie wheel) in your sudoers file. > > No. Users. Should. Have. Root. Password. Engrave that in stone in your > brain. > > Your manager should have it, but NO ONE ELSE, EVER. > > This is not a Windows box. They can do what they need to without it. If and > *only* if they have a special reason, *and* your manager agrees, give them > sudo, and limit that. > > mark > > > > On Thu, Jun 4, 2009 at 7:00 AM, Daniel Carrillo > > <daniel.carrillo@xxxxxxxxx>wrote: > > > >> 2009/6/4 Matias Nicolas <matiasnicolas@xxxxxxxxxx>: > >>> hello everybody. I wannna know something... I want to deny the su - > root > >> to the users in the system. i don't know how to do that... does somebody > >> know how to do that?? > >>> > >>> > >>> Ex: I got 5 users (user1 user2 user3 user4 mine) I dont want them to do > >> su - root. Let's let user2 do su - root And I (the administrator) want > to > >> login as root when i get the "login as:" prompt. Is there any > possibility > >> to do that?? > >> > >> You can edit /etc/pam.d/su and follow the instructions from commented > >> lines. > >> > >> Basically, you can restrict use of su, to the users in group wheel. > >> > >> BR. > >> > >> -- > >> redhat-list mailing list > >> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > >> https://www.redhat.com/mailman/listinfo/redhat-list > >> > > > > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > "Your manager should have it, but NO ONE ELSE, EVER." Are you a frakking idiot? managers should never have root password. have you ever seen what managers DO for a living? -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
