Join Log in
Score:6
M K avatar Ubuntu

Want to restrict a user changing admin password

sv flag
M K

I have two users on a device UserX and user admin using Ubuntu 20.04, both have admin rights, but I want UserX not to be able to change the password of user admin. However, I still need to be able to allow UserX to install packages\applications and be able to use sudo, etc

Is there a method of restricting UserX rights not to be able to change the useradmin password?

423
1 + 1
Artur Meinild avatar
vn flag
Artur Meinild
Does this answer your question? [Block a command from sudo user](https://askubuntu.com/questions/500679/block-a-command-from-sudo-user)
3
Reply
Score:5
waltinator avatar Ubuntu
it flag
waltinator

Since "admin rights" is just access to UID 0, there is no way to restrict UserX.

There is a way to achieve this

  • remove "admin rights" from UserX.
  • use sudo to grant UserX access to specific commands as root (UID 0).

Read man sudo sudoers to get started.

+ 2
in flag
orithena
Further reading hint: Using sudo would end up with "grant user all except some commands via sudo" (blacklist approach) or "grant user only these specific commands via sudo" (whitelist approach). There are caveats with using the blacklist approach, those are discussed [in this question on U&L SE](https://unix.stackexchange.com/questions/329405/sudoers-blacklist).
0
Reply
waltinator avatar
it flag
waltinator
The safer way to do ANY security thing is "Deny all, allow narrowly defined exceptions". The other way "Allow all, deny specific hazards as soon as you find out" will have you playing an unending game of Whack-A-Mole, falling ever further behind. BTDT, didn't like it.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.