Hi Folks,
I need some hints on the following scanario:
* We have a cluster of ipa clients and an ipa server.
* There is an _ipa_ user with the name "BIGBOSS".
* There is also a machine EXT that may be connected to the cluster
for maintenance purposes, but it is not an ipa client.
Some user on EXT uses ssh to connect to the local user named LOCAL
on the cluster machine C. From there she can type
$ su -c /bin/bash BIGBOSS
to switch to the BIGBOSS user on C (with password login).
--
Now, I have no idea how to do this:
* Only the users "root" and LOCAL are allowed to use "su" to
switch to BIGBOSS. All other local and ipa user must not be
able to "su -c ... BIGBOSS", even if they know the password.
Ciao
Dominik ^_^ ^_^
--
Dominik Vogt
Show replies by date