Skip to Main Content
Linux Security Cookbook
book

Linux Security Cookbook

by Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
June 2003
Intermediate to advanced content levelIntermediate to advanced
336 pages
8h 54m
English
O'Reilly Media, Inc.
Content preview from Linux Security Cookbook

5.12. Authorizing Password Changes via sudo

Problem

You want to permit a user to change the passwords of certain other users.

Solution

To permit smith to change the passwords of jones, chu, and agarwal:

               /etc/sudoers:
smith  ALL = NOPASSWD: \
        /usr/bin/passwd jones, \
        /usr/bin/passwd chu, \
        /usr/bin/passwd agarwal

The NOPASSWD tag is optional, for convenience. [Recipe 5.4]

Discussion

As another example, permit a professor to change passwords for her students, whose logins are student00, student01, student02,...up to student99.

               /etc/sudoers:
prof  ALL = NOPASSWD: /usr/bin/passwd student[0-9][0-9]

Note that this uses shell-style wildcard expansion; see sudoers(5) for the full syntax.

See Also

sudo(8), sudoers(5).

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux Administration Cookbook

Linux Administration Cookbook

Adam K. Dean

Publisher Resources

ISBN: 0596003919Errata Page