] At 7:10 AM -0700 10/6/04, Robert Ameeti wrote: ]] ]I have some non-privileged users who want to be able to set their ]] clock. Is there some way I can let them do that without giving them ]] admin privileges? ] ] In a word, no.
This is incorrect. It is trivial to allow non-privileged users access to a command that normally requires admin permissions. `visudo` and add the line:
user ALL=NOPASSWD:/usr/sbin/ntpdate
replace user with the name of the user you want to allow to use ntpdate and you're done. Or you can use the syntax:
percent group ALL=NOPASSWD:/usr/sbin/ntpdate
to allow a entire group to use ntpdate.
Then any user specified in sudoers can type 'sudo ntpdate time.apple.com' and get the clock set. You can do this with any command, though it is exceedingly dangerous and you should be very careful. For example:
user ALL=NOPASSWD:/usr/bin/vi
would allow user to execute ANY COMMAND as root because they could execute a shell escape from within vi. So be careful. AFAIK, ntpdate is safe.
] This is as it should be.
This is correct.
-- Hey, baby, I've got just the cure for that penis envy back at my apartment...
