Thread: "newuser"
View Single Post
  #6   (View Single Post)  
Old 4th June 2008
cajunman4life cajunman4life is offline
Real Name: Aaron Graves
Package Pilot
 
Join Date: May 2008
Location: Coolidge, Arizona
Posts: 203
Default

Quote:
Originally Posted by TerryP View Post
If doing that, I would use a custom program that restricts what things they can do -- for example blocking them from setting their own user and group ID numbers, allowing them to set their group(s) or restrained to only a few 'safe' groups you choose. The script can always wrap around the pw utility.

Ok, so I am paranoid as much as I am lazy...
Yea, I was going to take adduser and modify it for exactly these purposes. I'm going to limit available UID's to 10000+ (for my own tracking purposes) and allow GID of 9999 only (which will be set to "users"). This is the setup for me

Oh - and as far as being paranoid and lazy... both are great qualities of system admins
__________________
I just saved a bunch of money on my car insurance by fleeing the scene of the accident!
Reply With Quote