[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sudo mode and policykit


On Thu, Mar 25, 2010 at 7:49 PM, Michael Biebl <biebl@debian.org> wrote:
> Speaking as policykit maintainer, I have to say that I generally like
> the idea of such an "admin" group and thus would prefer 1.).

Speaking as a user and sysadmin, I also prefer the group approach.
But I dislike having to add yet another new group. Debian already
lists several groups [1] that could be used for this.  Particularly,
staff looks like a good option to me.

The amount of groups that a users needs to belong to in order to get
the best experience from their computer is growing and growing.  This
wouldn't be a problem, if there wasn't a bug with nfs related to
having more than 16 groups [2].

Also, is there an easy way to add a second (or third) user to all the
groups that the user created when installing is added?  If there
isn't, I think there should be.

[1]: http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html

[2]:  I regularly need to delete myself from one or two groups in
order to add myself to another group that I need, because of this bug;
I have 8 nfs groups, thus cannot afford to have more than 8 local
groups, so I generally have to choose either having access to the
scanner or the sound card.


Reply to: