Re: sudo and passwordless root

To: Debian Linux Distro Users Discussion <debian-user@lists.debian.org>
Subject: Re: sudo and passwordless root
From: "Todd A. Jacobs" <nospam@codegnome.org>
Date: Thu, 17 Feb 2005 21:57:13 -0800
Message-id: <[🔎] 20050218055713.GF5436@penguin.codegnome.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 421480A4.6020909@sjki.be>
References: <[🔎] 421480A4.6020909@sjki.be>

On Thu, Feb 17, 2005 at 12:31:48PM +0100, Benedict Verheyen wrote:

>   root ALL=(ALL) ALL
>   mylogin ALL = NOPASSWD: ALL

I'm pretty sure you're missing the runas here. If this doesn't work,
try:

    mylogin ALL=(ALL) NOPASSWD:ALL

instead.

As for locking root, it's a really, really bad idea. Don't login as root
unless you have to, but if you prevent root logins altogether, you'll
have to drop to an unprotected (e.g. not using sulogin) single-user mode
to fix anything serious.

If you're psychotic, you can do either of the following as root:

    - echo > /etc/securetty
    - passwd -l root

Even if you are deeply psychotic, do *not* change your root shell to
/bin/false unless you enjoy using rescue disks for single-user
maintenance, or exotic su parameters for access to root in multiuser
runlevels.

If you do any of these things, be sure to let us all know how it works
out.

-- 
Find my Techno-Geek Journal at http://www.codegnome.org/geeklog/

Reply to:

References:
- sudo and passwordless root
  - From: Benedict Verheyen <benedict.verheyen@sjki.be>

Prev by Date: Re: Display Manager Problems -- CRY FOR HELP
Next by Date: Re: drag and drop in firefox and openoffice
Previous by thread: Re: sudo and passwordless root
Next by thread: VGA card for debian
Index(es):
- Date
- Thread