| Autor |
Nachricht |
|
|
Titel: Adding user to sudo group?
 Verfasst am: 28.10.2006, 08:16 Uhr
|
|
Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
|
|
Is it a good idea to set up a "user_name" account to belong to the "sudoer" group in order to run commands from the console... rather than to changing to "root"?
If so, how should I go about doing this? Or, can anyone advise of a different way to setup. I have a "user_name" account which I login with, and a "root" password which I enter when prompted (either in the console or desktop shell).
Thanks. coady |
|
|
| |
|
|
|
 |
|
|
|
Titel: Adding user to sudo group?
Verfasst am: 28.10.2006, 08:39 Uhr
|
|
Team Member
Anmeldung: 06. Mai 2005
Beiträge: 3087
Wohnort: berlin
|
|
i use yakuake as console and always have a few instances of it open, like 1 for user, 1 for root, 1 for htop and whatever i need. so F12 will give me what i need real fast. very comfortable and no need for sudo.
greetz
devil |
_________________
<<We are Xorg - resistance is futile - you will be axximilated>>
Host/Kernel/OS "devilsbox" running[2.6.19-rc1-git5-kanotix-1KANOTIX-2006-01-RC4 ]
CPU Info AMD Athlon 64 3000+ clocked at [ 803.744 MHz ]
|
| |
|
|
|
|
|
|
|
Titel: RE: Adding user to sudo group?
Verfasst am: 28.10.2006, 08:46 Uhr
|
|
Anmeldung: 05. Dez 2005
Beiträge: 414
Wohnort: Auckland, New Zealand
|
|
If you google then you'll find there are two schools of thought on this.
One school of thought says that sudo shouldn't be used for security reasons, as it's effectively creating a 2nd root account, as if someone knows your password then they can do things as root. It means that someone has more than one password to try and crack: root's, and yours ... and so you might have doubled the chance of someone cracking an important password. People who say this will say that you should use "su" or even better "sux".
The other school of thought says that it's damn useful to have sudo. If you want to add a user the sudoers list, then do as root:
visudo
... it'll open it up in your default command line editer (you must know how to use this) and under:
root ALL=(ALL) ALL
put:
xxxx ALL=(ALL) ALL
... where xxxx is your username. Save and exit. You may have to log out and in again for it to take affect. Now, with normal debian sudo, it'll ask you for the user's password (not root's password) and remember that for 15 minutes, so that you don't have to keep typing in your password, but there is a bug in kanotix (and knoppix) where it'll never ask you for you password, and this makes sudo even more unsecure. |
_________________
Linux is evolution, not intelligent design - Linus Torvalds
|
| |
|
|
|
|
|
|
|
Titel: RE: Adding user to sudo group?
Verfasst am: 28.10.2006, 08:54 Uhr
|
|
Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
|
|
Thanks for your response. Could you explain what "yakuake" is and how I should use it? (Sorry...)
Also, I am going crazy with a password problem. I even did a clean install last night thining that might resolve it (I have a lot to learn!).
I can still open a console and run:
su
"my_passwd"
and get root.
The problem is I am not too familiar with doing complex things from the console YET, and have been using a root level text editor to "point and click" then edit files (old windows habits die hard, unfortunately). But I can't open these editors now. I can't change anthing from the desktop (e.g. time, add user account, nothing!) I am not sure why this happened.
Please help.
coady |
|
|
| |
|
|
|
|
|
|
|
Titel: RE: Adding user to sudo group?
Verfasst am: 28.10.2006, 09:32 Uhr
|
|
Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
|
|
OK, Thanks. It sounds like it is better not to use "sudo".
Also, do you know how can I resolve the problem (above) where, in the desktop shell, I am prompted for my "root_passwd" but it is no accepted. As I said, it is still valid in switching to root in a console window (i.e. "su" then "passwd").
coady |
|
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 28.10.2006, 09:32 Uhr
|
|
Anmeldung: 16. Apr 2006
Beiträge: 207
Wohnort: England
|
|
|
Zitat:
there is a bug in kanotix (and knoppix) where it'll never ask you for you password, and this makes sudo even more unsecure
Remove user from the sudoers group and use
Code:
username ALL=(ALL) ALL
in /etc/sudoers.
Or if you want multiple users to use sudo create a group called wheel or admin or whatever and add the users to that group and use this as the line in /etc/sudoers -
Code:
%wheel ALL=(ALL) ALL
Also, to make it ask for a password more often add this (probably has to be above the other lines)
Code:
Defaults timestamp_timeout=1
Change the value to 0 to make it ask for a password every time.
When I first tried using sudo on kanotix it took me ages to work out how to get it to ask for password. |
_________________
sidux 32 & 64 | PCLinuxOS | PC-BSD
repository of shame - compiz fusion & beryl repo for debian Sid/Lenny/Etch | 32-bit | 64-bit
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 28.10.2006, 09:45 Uhr
|
|
Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
|
|
If I don't want to use "sudo" how do I resolve the current password issue (sorry if I am missing something here, and also there are some time problems between posts...).
coady |
|
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 28.10.2006, 17:00 Uhr
|
|
Team Member
Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
|
|
Try ALT+CTL+F1 (log in as root)
Code:
passwd <username>
change your password
If you are looking to just edit a file, right click on that file > actions > edit as root > a prompt will show to enter your root password, then edit, save & exit
To use yakuake go to
Code:
kmenu > lost & found > yakuake
wait for it to load, then press F12, right click anywhere on it > settings > save as default, restart x (ALT+CTL+Backspace) then anytime you need a console press F12 |
_________________
h2's d-u script
h2's rdiff-backup script
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 28.10.2006, 17:15 Uhr
|
|
Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
|
|
|
|
|
|
|
|
