Operating System - Linux
1833780 Members
2578 Online
110063 Solutions
New Discussion

is it posible to give a nis user the rights to restart any machine in the domain ?

 
Maaz
Valued Contributor

is it posible to give a nis user the rights to restart any machine in the domain ?

Dear Gurus

On nis server:
-------------
#visudo

nis_user ALL=/sbin/init 6

I wana ask that if 'nis_user' logs on to the nis domain from any nis client machine, will he be able to restart the nis client machine ?

if not is there any "centralize" way ? i.e I wana give the user 'nis_user' rights to restart every machine in the nis domain

Regards
Maaz
4 REPLIES 4
Mike Jagdis
Advisor

Re: is it posible to give a nis user the rights to restart any machine in the domain ?

If the sudoers file is copied to each machine.

If you mean you want to be able to admin the list of users that can reboot machines from a central point you should use a group or netgroup in sudoers:

%rootgroup ALL=...
or
+rootnetgroup ALL=...

then just adding to or removing them from the rootgroup or rootnetgroup in NIS is all that is needed.

If there's no need for files to be group rootgroup your should probably use a netgroup.

Mike
Maaz
Valued Contributor

Re: is it posible to give a nis user the rights to restart any machine in the domain ?

Dea Mike Jagdis many thanks for the support.
No i dont want to copy the sudoers file to each machine.

what i want is that I maintained/configure/update the sudoers file only at nis server.. i.e centralize.. is it posible ?

I'll check %rootgroup and +rootnetgroup.

Regards
Maaz
Ivan Ferreira
Honored Contributor

Re: is it posible to give a nis user the rights to restart any machine in the domain ?

You can use sudo with LDAP, see:

http://www.courtesan.com/sudo/readme_ldap.html
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Rick Garland
Honored Contributor

Re: is it posible to give a nis user the rights to restart any machine in the domain ?

What about creating a new map file containing the sudoers?

The sudoers file can be included in the yppush to the other systems. You do not have to copy to each machine, NIS will do it for you.