HPE Community
Operating System - HP-UX
1834454 Members
2291 Online
110067 Solutions
New Discussion

passwd without root permission

 
SOLVED
Go to solution
Dee_3
Regular Advisor

‎07-17-2001 05:42 AM

‎07-17-2001 05:42 AM

passwd without root permission

Can I somehow grant access to a person to change anyone's passwd without giving them open root access?
0 Kudos
Reply
7 REPLIES 7
Sachin Patel
Honored Contributor

‎07-17-2001 05:50 AM

‎07-17-2001 05:50 AM

Re: passwd without root permission

Hi Dee,
You can use program super. I think it is third party sofroware.
Then you can assign
passwd "/usr/bin/passwd" info="Change password" sachin, dee etc......
in /opt/super/lib/super.tab

So now user sachin and dee can run passwd with user id=0 i.e as root.

Sachin
Is photography a hobby or another way to spend $
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎07-17-2001 05:51 AM

‎07-17-2001 05:51 AM

Solution

Re: passwd without root permission

Hi Dee,

You are a brave soul. You could use sudo to do this but the obvious danger is that this person could then change root's passwd and become root. For that reason, I would be much more tempted to write a setuid c program which could trap for uid's < 101 and not act on them.


Obviously, sudo could call a script to do the same checking but I would never put something like this in a script.


Regards, Clay
If it ain't broke, I can fix that.
Reply
Joseph Chakkery
Valued Contributor

‎07-17-2001 06:07 AM

‎07-17-2001 06:07 AM

Re: passwd without root permission

Hello Dee,

I think U can use restricted sam to achieve ur requirement.
Using root login go to sam using
#sam -r optiion Then enable user menu to particular user who wants to do passwd change or creation of user etc.
This user won't be able to change the passwd of super user (ie root)

I hope this will help u.

Regards
Joe.
Knowledge is wealth
Reply
Ravi_8
Honored Contributor

‎07-17-2001 06:10 AM

‎07-17-2001 06:10 AM

Re: passwd without root permission

Hi,
this can be done using sudo.

later
ravi
never give up
Reply
Joseph C. Denman
Honored Contributor

‎07-17-2001 06:11 AM

‎07-17-2001 06:11 AM

Re: passwd without root permission

you could use sam -r to give a user restricted sam privs.

...jcd...
If I had only read the instructions first??
Reply
Deshpande Prashant
Honored Contributor

‎07-17-2001 06:15 AM

‎07-17-2001 06:15 AM

Re: passwd without root permission

HI
Restricetd sam access to user will help the users to change any one's password.
If you want to restrict the user to change only specific users/groups password, you can create a custom application in SAM. Write a script to check the requested user id is allowed id (eg. not root) then change password.
This script can be called from the custom application of SAM and run as root.

User sam -r to acccess/create the restricted SAM for user.

Thanks.
Prashant Deshpande.
Take it as it comes.
Reply
Dee_3
Regular Advisor

‎07-17-2001 06:46 AM

‎07-17-2001 06:46 AM

Re: passwd without root permission

Thanks to all for the information - I will give them a try!...deec
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.