Enable updates for a single user

[Mikkel L. Ellertson]

Vincenzo Campanella wrote:
> Hi everybody
> 
> I have a PC running Fedora 9 that I have to lend to a customer for a
> limited period.
> 
> I would like him to be able to install updates and to install and remove
> programs without giving him the root password.
> 
> Is it possible, and if it is what do I have to do?
> 
> Thanks in advance for your replies.
> vince
> 
Take a look at the /etc/pam.d directory. You can modify the rules
for pup or yumex to let the console user, a specific user, or
members of a group run them without having to enter the root
password. For example, you could set up pup like this:

#%PAM-1.0
auth            sufficient      pam_console.so
auth            include         config-util
account         include         config-util
session         include         config-util

This will let whoever is logged into the console run pup. (Do updates.)

#%PAM-1.0
auth           sufficient      pam_wheel.so trust use_uid
auth            include         config-util
account         include         config-util
session         include         config-util

This will limit pup to members of the wheel group.

It is worth learning how to configure PAM for cases like this.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080915/68aba42a/attachment-0001.sig>