Giving regular users access to certain root-only commands
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Giving regular users access to certain root-only commands
Is there any way I can give EVERYBODY access to certain root-only commands without giving out the su password?
Specifically, I'd like for people to be able to turn off the computer when their finished with the shutdown -h or the halt command, and I'd like for people to mount CDs, 3.5" floppy, and ZIP disks, which I only know how to do using the mount command. Also the reboot command would be nice to add to the list so people can switch OSes (I have a duel boot and linux is NOT the primary OS for some users). Finally, I'd like for at least one user to be able to use the ifconfig command, or have some other means of finding out what the current IP number of the computer is, since it's allocated via DHCP.
Unfortunetly, all of these tasks require me to be logged in as root (or use the su command), and nobody else can accomplish these tasks except for those with the su password. I am quite inexperienced with Linux/Unix administration and am still learning, so if somebody could please give a detailed explination of the procedure involved in making these commands available to everybody, I'd apreciate it.
Oh, BTW, I'm using Yellow Dog Linux 2.1 on a PowerMac 6500/300. It's basically a PPC version of Red Hat Linux, though I noticed a few differences in my limited experience with Red Hat. I'd use something later, but I can't seem to get later distrubutions to run on that hardware.
1. Check out the man page for sudo. This is probably going to be the best option, I consider it the "proper" way to do such tasks, and it's also going to be the best documented.
2. Create a group. Now, own these specific tasks to that group. Add your users to this group, and ensure proper permissions for GROUP are given. Finally, you may have to modify your user's PATH variables to include the /sbin directory as that's where quite a few of these "root" commands will be located. Each time you add additional users, be sure to add them to this group (assuming you want them to have the same permissions).
There are others, however these 2 are probably going to be some of your better choices. If you aren't in a hurry, hold out for a few other responses to get a good feel for some ideas to choose from.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
On a few distros, they have chosen the group "wheel" for these functions.
