LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   how to allow a user to manage the users? (https://www.linuxquestions.org/questions/linux-newbie-8/how-to-allow-a-user-to-manage-the-users-783927/)

kingston 01-22-2010 12:23 AM
how to allow a user to manage the users?
 
hi all...i want to allow the user winny to manage users...
i have added the following lines to the visudo file.

#user alias specification
User_Alias LIMITEDTRUST = winny

#command alias specification
Cmnd_Alias MINUMUM = /usr/sbin/useradd, /usr/bin/passwd, /usr/sbin/groupadd, /usr/sbin/usermod, /usr/sbin/userdel

#user privilege specification

LIMITEDTRUST ALL=MINIMUM

then i logged in as a user winny, and fire the following command
#sudo username linus
then it prompt me for a password, i dont know which password has to be given, i gave the user winny's password. I was told "sorry, try it again", then i gave the root user password. Same error was persist. when i fired the sudo username command second time it said useradd command not found.

How to solve this issue?

chrism01 01-22-2010 12:27 AM
winny@somehost> sudo /usr/sbin/useradd <someparam> <...> new_user_login

and supply the passwd for winny.

See http://linux.die.net/man/8/useradd

kingston 01-25-2010 01:28 AM
hi there is a small problem in saving my visudo file?
Quote:
40
41 ## Delegating permissions
42 Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
43
44 ## Processes
45 Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
46
47 ## Drivers
48 Cmnd_Alias DRIVERS = /sbin/modprobe
49
50 # Defaults specification
51
52 #
53 # Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
54 # You have to run "ssh -t hostname sudo <cmd>".
55 #
56 Defaults requiretty
57
58 Defaults env_reset
59 Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
60 LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
61 LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
62 LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
63 LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
64 _XKB_CHARSET XAUTHORITY"
65
66 ## Next comes the main part: which users can run what software on
67 ## which machines (the sudoers file can be shared between multiple
68 ## systems).
69 ## Syntax:
70 ##
71 ## user MACHINE=COMMANDS
72 ##
73 ## The COMMANDS section may have other options added to it.
74 ##
75 ## Allow root to run any commands anywhere
76 root ALL=(ALL) ALL
77
78 ## Allows members of the 'sys' group to run networking, software,
79 ## service management apps and more.
80 # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
81
82 ## Allows people in group wheel to run all commands
83 # %wheel ALL=(ALL) ALL
84
85 ## Same thing without a password
86 # %wheel ALL=(ALL) NOPASSWD: ALL
87
88 ## Allows members of the users group to mount and unmount the
89 ## cdrom as root
90 # %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
91 ## Allows members of the users group to shutdown this system
92 # %users localhost=/sbin/shutdown -h now
93
94 #user alias specification
95 User_Alias LIMITEDTRUST = winston
96 Cmnd_Alias MINIMUM =/usr/sbin/useradd, /usr/bin/passwd, /usr/sbin/groupadd, /usr/sbin/usermod, /usr/sbin/groupdel, usr/sbin/userdel
97 #user privilege specification
98 LIMITEDTRUST ALL=MINIMUM
plz concentrate on the last 15 lines...i just added the /usr/sbin/userdel command in the cmnd alias section. when i tried to save, it gave some syntax error...the error is

[root@kingston etc]# visudo
Warning: undeclared Cmnd_Alias `MINIMUM' referenced near line 93
>>> sudoers file: syntax error, line 90 <<<
Warning: undeclared Cmnd_Alias `MINIMUM' referenced near line 93
What now? e
>>> sudoers file: syntax error, line 90 <<<
Warning: undeclared Cmnd_Alias `MINIMUM' referenced near line 93
What now?

But the line no 93 is emplty...i am little bit confusing....

evo2 01-25-2010 01:46 AM
Quote:
Originally Posted by kingston (Post 3836066)
then i logged in as a user winny, and fire the following command
#sudo username linus
then it prompt me for a password,
The command "username" (whatever that maybe) was not listed in the config you posted. In these cases I think sudo plays dumb and just asks for a password.

Evo2.

sohail0399 01-25-2010 01:54 AM
i have tried this but actual error is on line this


LIMITEDTRUST ALL=MINIMUM
undeclared Cmnd_Alias `MINIMUM' referenced near line

i dont the actual syntax

chrism01 01-25-2010 01:57 AM
Its difficult to say, but
Quote:
>>> sudoers file: syntax error, line 90 <<<
leads me to believe that somewhere, possibly line 90 or close before, you've got an actual newline break in the middle of a declaration. This is not allowed, you either use a wide line or with default vim line-wrapping or escape a newline with '\' see these examples http://linux.die.net/man/5/sudoers

sohail0399 01-25-2010 02:58 AM
i found error

which is in line of last command
Cmnd_Alias MINIMUM =/usr/sbin/useradd, /usr/bin/passwd, /usr/sbin/groupadd, /usr/sbin/usermod, /usr/sbin/groupdel, usr/sbin/userdel


this is the Error:
, usr/sbin/userdel

every thing is fine

kingston 01-25-2010 03:06 AM
it screwed up me a lot...i simply reinstalled the sudo rpm...and configured again...as chrism told,
Quote:
winny@somehost> sudo /usr/sbin/useradd <someparam> <...> new_user_login

and supply the passwd for winny.
i fired the command "sudo /usr/sbin/useradd winny", first time i was asked a password. i gave the password of winston. Next time when i add a user it didnt ask anything. It works well...thanks to all

kingston 01-25-2010 03:08 AM
ok sohail...thanks i got it now....


All times are GMT -5. The time now is 09:14 PM.