I need to setup the system so that a password is required to sudo su from the tc user account. This is to stop the default user from messing with the system, but allowing an administrator to come along and sudo su with the password.
I can set the root password and add /etc/shadow and /etc/sudoers to /opt/.filetools.lst
I can even run visudo as root and remove the NOPASSWD: for tc user, however, this prevents the backup running properly. I assume as the back script and probably others use sudo. And of course the wiki does say DON'T modify root or tc entries in sudoers
So how can I have the system require a password in aterm when using sudo su, or just block sudo from being used in aterm altogether and just use su, which does prompt, but without breaking the scripts etc?