I have 3 users in "production" group: John, Steve and Bob. In "sales" group are: Sam and Jack.
Now, I would like to give John permition to change passwords of all users but only in "production" group, so he will be unable to make any changes to Sam and Jack.
In my /etc/sudoers file I have alias for all users in "production" group:
User_Alias PRODUCTION = %production
And the problem is I have no idea how to write this:
john ALL =(root) /usr/bin/passwd steve, (root) /usr/bin/passwd bob, (root) /usr/bin/passwd jack
... using my PRODUCTION alias, so if there is someone new added to this group, there will be no need to add him manually to sudoers file too.
I've tried something like this in many variations:
john ALL =(root) /usr/bin/passwd PRODUCTION
but it doesn't work and at this moment I have no more ideas.
I will appreciate any clues, thanks a lot!
Aucun commentaire:
Enregistrer un commentaire