Re: sudo and passwordless root
On Thu, Feb 17, 2005 at 12:31:48PM +0100, Benedict Verheyen wrote:
> root ALL=(ALL) ALL
> mylogin ALL = NOPASSWD: ALL
I'm pretty sure you're missing the runas here. If this doesn't work,
try:
mylogin ALL=(ALL) NOPASSWD:ALL
instead.
As for locking root, it's a really, really bad idea. Don't login as root
unless you have to, but if you prevent root logins altogether, you'll
have to drop to an unprotected (e.g. not using sulogin) single-user mode
to fix anything serious.
If you're psychotic, you can do either of the following as root:
- echo > /etc/securetty
- passwd -l root
Even if you are deeply psychotic, do *not* change your root shell to
/bin/false unless you enjoy using rescue disks for single-user
maintenance, or exotic su parameters for access to root in multiuser
runlevels.
If you do any of these things, be sure to let us all know how it works
out.
--
Find my Techno-Geek Journal at http://www.codegnome.org/geeklog/
Reply to: