[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to use sudo not root

On Fri, Jun 16, 2006 at 15:41:11 +0800, Richard wrote:
>On 15/06/06, Joseph Smidt <jsmidt@byu.edu> wrote:
>>When I installed Debian I selected to not allow root login thinking that
>>would enable sudo and disable root.  But when I logged into gnome it
>>kept asking for the root password to do admin things, so I set a root
>>password and it works.
>>   However, I would like to disable root and have it so my sudo password
>>works for all the gnome admin things, like opening synaptic.  How do I
>>do that?  Thanks.
>>                        Joseph Smidt
>I think you should login as root and run the commands:
>usermod -G $USER $GROUPS,adm

A shorter option (sorry couldn't help myself):
# usermod -a adm $USER

># Members of the admin group may gain root privileges
>%adm ALL=(ALL) ALL

Rather then using the group that exists to allow users to read log
files[1] it might be better to use the root group or create a special
group for this purpose.

>And then delete the password from root from your /etc/passwd and
>/etc/shadow files
>=second field

I'd suggest using the -l argument to passwd instead of editing
/etc/passwd and /etc/shadow manually. If you still want to do it
manually you should probably use vipw to do it.


[1]: http://www.us.debian.org/doc/manuals/reference/ch-tune.en.html#s9.2.3

Magnus Therning                             (OpenPGP: 0xAB4DFBA4)
magnus@therning.org             Jabber: magnus.therning@gmail.com

Software is not manufactured, it is something you write and publish.
Keep Europe free from software patents, we do not want censorship
by patent law on written works.

Those who would give up Essential Liberty to purchase a little
Temporary Safety, deserve neither Liberty nor Safety
     -- Benjamin Franklin, Historical Review of Pennsylvania, 1759

Attachment: pgpJWq4YXwq1A.pgp
Description: PGP signature

Reply to: