LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-22-2010, 01:23 AM   #1
kingston
Member
 
Registered: Mar 2008
Location: Bengaluru, India
Distribution: RHEL 5.5, Solaris 5.10
Posts: 215
Blog Entries: 1

Rep: Reputation: 21
how to allow a user to manage the users?


hi all...i want to allow the user winny to manage users...
i have added the following lines to the visudo file.

#user alias specification
User_Alias LIMITEDTRUST = winny

#command alias specification
Cmnd_Alias MINUMUM = /usr/sbin/useradd, /usr/bin/passwd, /usr/sbin/groupadd, /usr/sbin/usermod, /usr/sbin/userdel

#user privilege specification

LIMITEDTRUST ALL=MINIMUM

then i logged in as a user winny, and fire the following command
#sudo username linus
then it prompt me for a password, i dont know which password has to be given, i gave the user winny's password. I was told "sorry, try it again", then i gave the root user password. Same error was persist. when i fired the sudo username command second time it said useradd command not found.

How to solve this issue?
 
Old 01-22-2010, 01:27 AM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,241

Rep: Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325
winny@somehost> sudo /usr/sbin/useradd <someparam> <...> new_user_login

and supply the passwd for winny.

See http://linux.die.net/man/8/useradd
 
Old 01-25-2010, 02:28 AM   #3
kingston
Member
 
Registered: Mar 2008
Location: Bengaluru, India
Distribution: RHEL 5.5, Solaris 5.10
Posts: 215
Blog Entries: 1

Original Poster
Rep: Reputation: 21
hi there is a small problem in saving my visudo file?
Quote:
40
41 ## Delegating permissions
42 Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
43
44 ## Processes
45 Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
46
47 ## Drivers
48 Cmnd_Alias DRIVERS = /sbin/modprobe
49
50 # Defaults specification
51
52 #
53 # Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
54 # You have to run "ssh -t hostname sudo <cmd>".
55 #
56 Defaults requiretty
57
58 Defaults env_reset
59 Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
60 LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
61 LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
62 LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
63 LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
64 _XKB_CHARSET XAUTHORITY"
65
66 ## Next comes the main part: which users can run what software on
67 ## which machines (the sudoers file can be shared between multiple
68 ## systems).
69 ## Syntax:
70 ##
71 ## user MACHINE=COMMANDS
72 ##
73 ## The COMMANDS section may have other options added to it.
74 ##
75 ## Allow root to run any commands anywhere
76 root ALL=(ALL) ALL
77
78 ## Allows members of the 'sys' group to run networking, software,
79 ## service management apps and more.
80 # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
81
82 ## Allows people in group wheel to run all commands
83 # %wheel ALL=(ALL) ALL
84
85 ## Same thing without a password
86 # %wheel ALL=(ALL) NOPASSWD: ALL
87
88 ## Allows members of the users group to mount and unmount the
89 ## cdrom as root
90 # %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
91 ## Allows members of the users group to shutdown this system
92 # %users localhost=/sbin/shutdown -h now
93
94 #user alias specification
95 User_Alias LIMITEDTRUST = winston
96 Cmnd_Alias MINIMUM =/usr/sbin/useradd, /usr/bin/passwd, /usr/sbin/groupadd, /usr/sbin/usermod, /usr/sbin/groupdel, usr/sbin/userdel
97 #user privilege specification
98 LIMITEDTRUST ALL=MINIMUM
plz concentrate on the last 15 lines...i just added the /usr/sbin/userdel command in the cmnd alias section. when i tried to save, it gave some syntax error...the error is

[root@kingston etc]# visudo
Warning: undeclared Cmnd_Alias `MINIMUM' referenced near line 93
>>> sudoers file: syntax error, line 90 <<<
Warning: undeclared Cmnd_Alias `MINIMUM' referenced near line 93
What now? e
>>> sudoers file: syntax error, line 90 <<<
Warning: undeclared Cmnd_Alias `MINIMUM' referenced near line 93
What now?

But the line no 93 is emplty...i am little bit confusing....
 
Old 01-25-2010, 02:46 AM   #4
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Quote:
Originally Posted by kingston View Post
then i logged in as a user winny, and fire the following command
#sudo username linus
then it prompt me for a password,
The command "username" (whatever that maybe) was not listed in the config you posted. In these cases I think sudo plays dumb and just asks for a password.

Evo2.
 
Old 01-25-2010, 02:54 AM   #5
sohail0399
Member
 
Registered: Oct 2008
Location: Pakistan, Islamabad
Distribution: CentOS, Fedora, Solaris
Posts: 154

Rep: Reputation: 23
i have tried this but actual error is on line this


LIMITEDTRUST ALL=MINIMUM
undeclared Cmnd_Alias `MINIMUM' referenced near line

i dont the actual syntax
 
Old 01-25-2010, 02:57 AM   #6
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,241

Rep: Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325
Its difficult to say, but
Quote:
>>> sudoers file: syntax error, line 90 <<<
leads me to believe that somewhere, possibly line 90 or close before, you've got an actual newline break in the middle of a declaration. This is not allowed, you either use a wide line or with default vim line-wrapping or escape a newline with '\' see these examples http://linux.die.net/man/5/sudoers
 
Old 01-25-2010, 03:58 AM   #7
sohail0399
Member
 
Registered: Oct 2008
Location: Pakistan, Islamabad
Distribution: CentOS, Fedora, Solaris
Posts: 154

Rep: Reputation: 23
i found error

which is in line of last command
Cmnd_Alias MINIMUM =/usr/sbin/useradd, /usr/bin/passwd, /usr/sbin/groupadd, /usr/sbin/usermod, /usr/sbin/groupdel, usr/sbin/userdel


this is the Error:
, usr/sbin/userdel

every thing is fine
 
Old 01-25-2010, 04:06 AM   #8
kingston
Member
 
Registered: Mar 2008
Location: Bengaluru, India
Distribution: RHEL 5.5, Solaris 5.10
Posts: 215
Blog Entries: 1

Original Poster
Rep: Reputation: 21
it screwed up me a lot...i simply reinstalled the sudo rpm...and configured again...as chrism told,
Quote:
winny@somehost> sudo /usr/sbin/useradd <someparam> <...> new_user_login

and supply the passwd for winny.
i fired the command "sudo /usr/sbin/useradd winny", first time i was asked a password. i gave the password of winston. Next time when i add a user it didnt ask anything. It works well...thanks to all
 
Old 01-25-2010, 04:08 AM   #9
kingston
Member
 
Registered: Mar 2008
Location: Bengaluru, India
Distribution: RHEL 5.5, Solaris 5.10
Posts: 215
Blog Entries: 1

Original Poster
Rep: Reputation: 21
ok sohail...thanks i got it now....
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Mini-Course: Manage Users with Quotas LXer Syndicated Linux News 0 10-09-2009 01:41 AM
how to manage users from redhat9 to fedora6 orko Linux - General 4 07-20-2007 05:53 PM
LXer: Linux 101: Manage user accounts in a multi-user Linux environment ... LXer Syndicated Linux News 0 06-27-2006 08:03 AM
What we have to do to manage users/groups Khmer Linux - Security 2 08-13-2005 09:35 AM
Users can't manage print jobs on CUPS/Samba printer tisource Linux - Networking 8 04-21-2005 01:52 PM


All times are GMT -5. The time now is 12:04 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration