sudo and console user
Michael A. Peters
mpeters at mac.com
Fri Jan 21 18:16:33 UTC 2005
Is there a way to restrict sudo to the console user?
What I have now is this:
%gtkpod ALL=NOPASSWD:/usr/bin/eject /dev/ipod
Anyone in the gtkpod group can eject the ipod device.
What I would prefer - is anyone in the gtkpod group who is also logged
in as the pam_console user.
Probably doesn't matter too much in this particular (iPod) scenario,
but I could forsee there being cases where it might matter, so I want
to know how to do it.
I suppose a wrapper script that is actually what is called by sudo
might work (and checks what user called it via sudo against the
pam_console user) but is there a way to do it without such a script?
More information about the fedora-list
mailing list