[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Single-use root account?



Alex Malinovich wrote:
I've decided that it's about time I look for a solution to a problem
that's been bugging me. On certain occasions, I find it necessary to
have one of my roommates do something to the network at home when I'm
not there. As such, they generally will need root access to do it. While
I certainly trust them, I'm very security conscious and wouldn't feel
comfortable giving them my root password. So I had the idea of setting
up a one-time use root account. You can log in once, but as soon as you
do the user gets locked out. (passwd -l in .bashrc)

Unfortunately, since I use the "real" root account very frequently this
would be a great hassle. So I'd like to set up a pseudo-root account for
this purpose. It's easy enough to do an adduser --gid 0, but that would
still leave quite a few things which the user couldn't do. (At least
unless I did a chmod -R g+rwx *, which I'd like to avoid.)

So any ideas on how to go about it? Is it possible to have two different
users with the same UID? i.e. adduser --uid 0 --gid 0 temproot

If not, any other possibilities?

What about sudo?  You can set it up to grant very limited permissions
(i.e., one or two commands only) to a specific user.

-Roberto

Attachment: pgpXDDTeKEPrQ.pgp
Description: PGP signature


Reply to: