nixCraft

Under Solaris we use tool named RBAC is used to delegate/assign Administrative Roles. This tool does not exist under Linux so how I am gone assign different administrative right/tasks? I cannot give root access to users
to just reboot system or to restart httpd or mysql process; we are using
Red Hat Enterprise Linux 4.

Thanks!

SUDO is the tool to delegate system administration job to other users without giving the root password. SUDO not just available on Linux but it is runs almost on every other UNIX like operating system.

Use visudo command to modify /etc/sudoers file under Linux.

sudo take care of lot of things; it allows only delegated user command/task. In oder to user run a command, you need to create a specific rule that grant user permission on the host/computer to run a command. The rule can be defined using following syntax:

USERNAME LINUX_HOST=COMMAND

OR

USERNAME LINUX_HOST=/path/to/command

Where,
USERNAME: The user (actual name of user) who is delegated or granted to execute the command.
LINUX_HOST: Linux computer name (host) i.e. hostname of the system where this rule applies. Host can be hostname, IP address, network address or special aliases.

COMMAND OR /path/to/command: Actual command/task granted to user. You must have a full path to ecah command name; further multiple commands need to separated using , (comm). For example /etc/init.d/apache stop, /sbin/shutdown -h now

Interesting part, let us say you would like to grant user monk to shutdown system and restart, stop, start apache on www host, then your rule should be as follows:

Monk from his account can type following command to shutdown the httpd:
When prompted for password type monk need to supply his own password.

Please have a look at sudo, sudoers, visudo man pages. Especially sudoers(5) which document all features and tons of examples.