We have several Linux boxes running Samba that are used 'locally', eg each branch gets their own Samba box to store and share files.
The office managers need to be able to add and remove users for their branch and need to be root for this action (afaik), but i would like to restrict them from issuing any other root-privileged command as we have regular screw-ups from their side.
My (limited) linux knowledge tells me this is not possible – you are either root or not – but i wondered if there are ways to limit the allowed commands in some way.
Best Answer
Add to your
/etc/sudoers
file the following line:where
user
is your non-root user and/bin/mount,/bin/umount
is the list of commands you want to execute as root.Now the non-root user can use the sudo command to run
/bin/mount
and/bin/umount
with root privileges.