16 Apr
2004
16 Apr
'04
1:48 p.m.
On Fri, Apr 16, 2004 at 02:58:27PM +0200, Miloslav Trmac wrote:
My patch implements what I call a "sudo-like" behavior (although it is much simpler than sudo). Each program, through its console.apps config file, can have a list of groups whose members are able to authorize as themselves. Anyone not a member of the approved groups either must give the root password (or the password of a given user, or is denied access completely via a new <none> value).
Shoudn't this be already possible using PAM (e.g. pam_listfile)?
I don't think so. How would you do it? The selection of user account to authorize against (root, or <user>, or even some other account) happens at a earlier/higher level.
--
Matthew Miller mattdm@mattdm.org http://www.mattdm.org/
Boston University Linux ------> http://linux.bu.edu/