Thursday, July 21, 2011
Granting sudo access to reset local user-accounts password
In a RHEL server, I want to grant sudo access for a Group to reset any local User-accounts' password. At the same time, I don't want them to reset the password of ROOT user.
Solution: Use ! (exclude) option in /etc/sudoers file.
Syntax: %groupname ALL=(ALL) NOPASSWD: /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root
Refer this also: http://ashok-linux-tips.blogspot.com/2010/09/using-wild-characters-while-providing.html