Remove user SU access

[Kasyx]

Is there any way to remove the ability to SU on a per-user basis? The users are not part of the wheel group, so I am not really sure how to go about doing this. There are roughly 50 users that I need to remove su access for, and none of them are part of the wheel group which is odd.

Is there some command or something that can give users su access or something?

*sigh*

[Nuke]

There must be a way. The 2nd user on my our home ubuntu pc can't SU while the first I created can. Will ask the other guys is is just out atm, he will most likely know, he told me where to enable the SU access.

[Kasyx]

Awesome, thanks

[rustypup]

my first choice would be to simply chown the sudo executable, changing ownership to the admin group...

<edit>
actually... before going there, have you checked the sudoers file?
</edit>

[Kasyx]

sudoers file is empty except for two lines allowing snmpd and snmptrap. Looks like changing the access on the sudo executable is the best bet.

Thanks for the help

[rustypup]

Looks like changing the access on the sudo executable is the best bet.

no!... it's the quick and nasty approach...

first try using visudo to repair the damaged sudoers file... if the issue persists, then fiddle with ownership...

be warned... recovering from a mucked sudoers file is... fun... use nano or visudo...

[Kasyx]

Oh great! Well as long as it is FUN!

Hehe, I will give it a shot and see what I can sort out. Thanks

[lethe377]

What worries me is that you have 50 users with access to a shell. If they don't need access to bash, give them a false shell.