[NTLUG:Discuss] su?
Aaron Goldblatt
aaron at goldblatt.net
Thu Jul 12 18:29:33 CDT 2001
> That's what I'd like to do, but how? www is a special account
> used by the webserver, and I'm not sure how to find out what its
> password is, or how to change it. If a person were root, he
> could obviously "su www", but I don't want anyone to be root.
As root:
# passwd www
As root, you don't need to know the password to change it. That way, if a
user loses his password, root can reset it.
> If I were to change the password for www, wouldn't that mess up
> the services that run as www? Or do they not need a password
> because they're started by root?
They don't need a password, as you describe, because the change in ownership
is being done by a process running as root ... so no permissions need apply.
THAT is the danger of running things as root, and why you should avoid doing
so anywhere you can. Processes that run as root bypass most of the operating
system's internal security checks. (ala rm -rf /)
Just beware that the person(s) you give this password to can blow a big hole
in your web server and there's not much you can do about it, beyond making
all the config files read-only and owned by root (which I would advise). But
unless you have some root-owned supervisory process running, you may expose
yourself to a situation where the user can shut down the daemon and/or damage
logs and files.
Going the group permissions route is much better, imo, or using sudo. Sudo
allows you to specify which commands a user is permitted to execute, so you
can restrict things like kill and make them stick to chown.
Beware with sudo: The default user as which things are done is root, and if
you let the user run any command under sudo without correctly restricting it,
the user might run something like "sudo bash" which suddenly gives the user a
root shell, which is obviously not what you want. Even "sudo -u www bash"
might have some undesired consequences.
ag
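As an added example (not part of this post), a small Python audit that flags the sudoers pitfalls described above: rules with no runas list (sudo defaults to root), rules granting ALL or a shell, kill-style commands that let the user stop the daemon, and wildcard arguments. The sudoers lines it scans, the account names and the paths are constructed for this example.

```python
import re

# Constructed sudoers fragment written for this example (not from the post).
SAMPLE_SUDOERS = """
webhelper ALL = ALL
webhelper ALL = (www) /bin/bash
webhelper ALL = (www) /usr/bin/kill
%webadmins ALL = (www) NOPASSWD: /bin/chown www\\:www /var/www/html/*
"""

SHELLS = {"sh", "bash", "dash", "ksh", "csh", "tcsh", "zsh"}
PROCESS_KILLERS = {"kill", "killall", "pkill"}
TAGS = ("NOPASSWD:", "PASSWD:", "NOEXEC:", "EXEC:", "NOSETENV:", "SETENV:")
SKIP_PREFIXES = ("Defaults", "Cmnd_Alias", "User_Alias", "Host_Alias", "Runas_Alias")
# user host = (runas) cmd, cmd ...   (the runas part is optional)
RULE_RE = re.compile(
    r"^(?P<who>\S+)\s+(?P<hosts>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")

def audit_sudoers(text):
    """Return (line_no, finding) pairs for rules that undercut the post's advice."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(SKIP_PREFIXES):
            continue
        m = RULE_RE.match(line)
        if not m:
            continue
        runas = (m.group("runas") or "").strip()
        if runas in ("", "ALL", "root"):  # no runas list: sudo defaults to root
            findings.append((n, "runs as root"))
        for cmd in m.group("cmds").split(","):
            cmd = cmd.strip()
            for tag in TAGS:
                cmd = cmd.replace(tag, "").strip()
            if not cmd:
                continue
            if cmd == "ALL":
                findings.append((n, "any command allowed"))
                continue
            base = cmd.split()[0].rsplit("/", 1)[-1]
            if base in SHELLS:
                findings.append((n, "grants an interactive shell"))
            elif base in PROCESS_KILLERS:
                findings.append((n, "can stop the daemon"))
            # In sudoers arguments '*' also matches spaces and '/', so a
            # path glob does not confine the command to one directory tree.
            if "*" in cmd:
                findings.append((n, "wildcard argument matches across path components"))
    return findings
```

Run it with `visudo -c` alongside it; this script only reads the text and never changes the policy.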