Enable updates for a single user
Mikkel L. Ellertson
mikkel at infinity-ltd.com
Mon Sep 15 15:08:48 UTC 2008
Vincenzo Campanella wrote:
> Hi everybody
>
> I have a PC running Fedora 9 that I have to lend to a customer for a
> limited period.
>
> I would like him to be able to install updates and to install and remove
> programs without giving him the root password.
>
> Is it possible, and if it is what do I have to do?
>
> Thanks in advance for your replies.
> vince
>
Take a look at the /etc/pam.d directory. You can modify the rules
for pup or yumex to let the console user, a specific user, or
members of a group run them without having to enter the root
password. For example, you could set up pup like this:
#%PAM-1.0
auth sufficient pam_console.so
auth include config-util
account include config-util
session include config-util
This will let whoever is logged into the console run pup. (Do updates.)
#%PAM-1.0
auth sufficient pam_wheel.so trust use_uid
auth include config-util
account include config-util
session include config-util
This will limit pup to members of the wheel group.
It is worth learning how to configure PAM for cases like this.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080915/68aba42a/attachment-0001.sig>
More information about the fedora-list
mailing list