Did you look at "man sudoers"?
You can set the admin names in an alias and keep the dummyadmins from changing their passwords.
Don't know how to use an UID here.
User_Alias MAINADMINS = will, wendy, wim
User_Alias DUMMYADMIN = millert, mikef, dowdy
Host_Alias HPPA = boa, nag, python
DUMMYADMIN HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root, !/usr/bin/passwd MAINADMINS
This would let millert, mikef and dowdy change anybody's password except for root, will, wendy and wim
Last edited by makuyl; 05-14-2005 at 11:48 AM.
|