kanotix.com :: Thema anzeigen - Adding user to sudo group?

kanotix.com

General Support - Adding user to sudo group?

coady - 28.10.2006, 08:16 Uhr
Titel: Adding user to sudo group?

Is it a good idea to set up a "user_name" account to belong to the "sudoer" group in order to run commands from the console... rather than to changing to "root"?

If so, how should I go about doing this? Or, can anyone advise of a different way to setup. I have a "user_name" account which I login with, and a "root" password which I enter when prompted (either in the console or desktop shell).

Thanks. coady

devil - 28.10.2006, 08:39 Uhr
Titel: Adding user to sudo group?

i use yakuake as console and always have a few instances of it open, like 1 for user, 1 for root, 1 for htop and whatever i need. so F12 will give me what i need real fast. very comfortable and no need for sudo.

greetz
devil

Swynndla - 28.10.2006, 08:46 Uhr
Titel: RE: Adding user to sudo group?

If you google then you'll find there are two schools of thought on this.

One school of thought says that sudo shouldn't be used for security reasons, as it's effectively creating a 2nd root account, as if someone knows your password then they can do things as root. It means that someone has more than one password to try and crack: root's, and yours ... and so you might have doubled the chance of someone cracking an important password. People who say this will say that you should use "su" or even better "sux".

The other school of thought says that it's damn useful to have sudo. If you want to add a user the sudoers list, then do as root:
visudo
... it'll open it up in your default command line editer (you must know how to use this) and under:
root ALL=(ALL) ALL
put:
xxxx ALL=(ALL) ALL
... where xxxx is your username. Save and exit. You may have to log out and in again for it to take affect. Now, with normal debian sudo, it'll ask you for the user's password (not root's password) and remember that for 15 minutes, so that you don't have to keep typing in your password, but there is a bug in kanotix (and knoppix) where it'll never ask you for you password, and this makes sudo even more unsecure.

coady - 28.10.2006, 08:54 Uhr
Titel: RE: Adding user to sudo group?

Thanks for your response. Could you explain what "yakuake" is and how I should use it? (Sorry...)

Also, I am going crazy with a password problem. I even did a clean install last night thining that might resolve it (I have a lot to learn!).

I can still open a console and run:
su
"my_passwd"
and get root.

The problem is I am not too familiar with doing complex things from the console YET, and have been using a root level text editor to "point and click" then edit files (old windows habits die hard, unfortunately). But I can't open these editors now. I can't change anthing from the desktop (e.g. time, add user account, nothing!) I am not sure why this happened.

Please help.
coady

coady - 28.10.2006, 09:32 Uhr
Titel: RE: Adding user to sudo group?

OK, Thanks. It sounds like it is better not to use "sudo".

Also, do you know how can I resolve the problem (above) where, in the desktop shell, I am prompted for my "root_passwd" but it is no accepted. As I said, it is still valid in switching to root in a console window (i.e. "su" then "passwd").
coady

shame - 28.10.2006, 09:32 Uhr
Titel:

Zitat:

there is a bug in kanotix (and knoppix) where it'll never ask you for you password, and this makes sudo even more unsecure

Remove user from the sudoers group and use

Code:

username ALL=(ALL) ALL

in /etc/sudoers.
Or if you want multiple users to use sudo create a group called wheel or admin or whatever and add the users to that group and use this as the line in /etc/sudoers -

Code:

%wheel ALL=(ALL) ALL

Also, to make it ask for a password more often add this (probably has to be above the other lines)

Code:

Defaults timestamp_timeout=1

Change the value to 0 to make it ask for a password every time.
When I first tried using sudo on kanotix it took me ages to work out how to get it to ask for password.

coady - 28.10.2006, 09:45 Uhr
Titel:

If I don't want to use "sudo" how do I resolve the current password issue (sorry if I am missing something here, and also there are some time problems between posts...).
coady

piper - 28.10.2006, 17:00 Uhr
Titel:

Try ALT+CTL+F1 (log in as root)

Code:

passwd <username>

change your password

If you are looking to just edit a file, right click on that file > actions > edit as root > a prompt will show to enter your root password, then edit, save & exit

To use yakuake go to

Code:

kmenu > lost & found > yakuake

wait for it to load, then press F12, right click anywhere on it > settings > save as default, restart x (ALT+CTL+Backspace) then anytime you need a console press F12

coady - 28.10.2006, 17:15 Uhr
Titel:

Thanks piper!