give simple users a lil' more rights

[SneaZ]

Hello,

I'd like to create a couple of users who've got a little more rights
than a normal user.
The only thing they need to be able to do is restart some services
thru /etc/init.d.

could someone give me a clue on how to do this.
Thank you very much

Bart
_________________
:: Reach Out And Grep Someone ::

[Earthwings]

Have a look at sudo and configure it properly.

[Markrian]

Couple of guesses:

1. Add the users to a special group you've created, say 'service', and for each script that you want to execute via the user, change the owning group to 'service', and then add the executable bit to for the group in those scripts.
   
2. If that doesn't work (I can imagine why that wouldn't work for some scripts), add the setuid bit for the scripts you want users to be able to execute.
   

The second one should work, after a bit of playing around. Read the man page for chmod if unsure.
_________________
Wikipedia - The Free Encyclopædia

[SneaZ]

thx,

going to rtfm now
_________________
:: Reach Out And Grep Someone ::

[myuser]

On a single user system I tend to use su - -c "echo hello"

where echo hello is the command you want. I often place that into a menu item in fluxbox.

I can see the attraction on a multiuser site in using sudo, but I do wonder how secure it actually is. sudo configured well probably is ok, but make a mistake and you have punched a hole in your security, it also moves root access one step closer, if one of your more trusted users get compromised then the cracker has one more point to attack. Security gets a lot more complicated when you think that someone can control a process that runs as root.

[SneaZ]

I'm currently configuring sudo, this is exactly the thing I need.

thanks
_________________
:: Reach Out And Grep Someone ::