
Re: sudo questions



In case you're still confused, I'll try a little more direct response.
(Lots of informative responses in this thread, but I feel a blog
coming on. The rant I wrote on this a long time ago needs updating.)

On Wed, Aug 14, 2013 at 7:14 PM, François Patte
<francois.patte@mi.parisdescartes.fr> wrote:
> Hello,
>
> For some unknown reason I did not activate the root account during the
> installation. I activated it from a user account, say John Doe.

johndoe sounds like a great name for an admin account. Much better than admin.

But debian's installer tries to encourage the user to not enable root,
and to set up a non-root administrator account instead. (That part
needs a little work. I suppose I should make some time to come up with
some patches to offer them.)

> Now John Doe can become root anytime and do anything on my machine.

Well, yeah, that's what the primary admin account should be able to do.

> How can I deactivate this?

man visudo and the related stuff.

(But what's this thing with sudo-edit or something? And why, oh, why
do they insist that pico should be the default editor for
configuration files? Well, you may find pico more comfortable than
vim. I don't. Vim is much more well-behaved when I'm editing
configurations.)

> I have seen that John Doe is a member of
> almost all groups in /etc/group and /etc/gshadow...

man adduser

or maybe usermod or deluser. The interface looks a little clumsy for
removing johndoe from all those groups, yes. Careful editing with vigr
(with and without the -s option) may be quicker.

> Is there a simple method to remove John Doe from these files and are
> there other files to modify?

It's going to be a little clumsy, take maybe ten minutes.

But, but, but, ...

Wait a minute!

Now that I've told you how to figure out how to untangle johndoe from
his admin privileges, do you really want to do that?

Maybe you would prefer to make another non-admin account, and leave
johndoe intact as your non-root admin account?

(I and a number of other users here strongly encourage you to consider
this. I'll try to blog about the reasons why sometime next week, but
my blogs are not on the lists here, and you want answers now. Well,
read the whole thread, the basic answers are pretty well covered, if
not all in one place.)

> I asked a question about this inconvenience of the sudo way to activate
> root account: lightdm accepts to login root for a graphical session, I
> found a method to forbid this: add this line in /etc/pam.d/lightdm:
>
> auth required pam_succeed_if.so user != root quiet

Excellent idea.

> I don't understand this "fashion": sudo and no root account.... It is
> the same under ubuntu. What for?

The simple answer is that sudo allows more fine-grained control over
what you allow administrator accounts to do. Along with that
fine-grained control, it provides a bit more of a buffer between you
and, say, "rm -rf /*", or the even more evil version without the file
glob.

Even experienced admins find themselves trying to shoot themselves in
the foot from time to time. Working as much as possible as a non-root
user helps to prevent toes and whole legs from being blown off. So to
speak.

(My old rant suggested that installs should encourage setting up both
a non-root admin and a non-admin user. I still think that's the best
approach, but some of the devs think it just gets too much in the
way.)

> Thanks.
>
> --
> François Patte

--
Joel Rees
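As an added example (not code from this thread, from Debian, or from sudo itself), a POSIX shell script covering the two administrative points discussed above: auditing which supplementary groups an account holds in /etc/group and planning its removal from them as a dry run, and writing a sudoers fragment that grants a non-root admin only a limited set of commands, checked with visudo -c before it goes under /etc/sudoers.d/. The group data, the user names and the command paths are constructed assumptions, not taken from any real system.

```shell
#!/bin/sh
# Constructed sample in /etc/group format (assumption, not from a real host).
SAMPLE_GROUP='root:x:0:
adm:x:4:johndoe
sudo:x:27:johndoe
cdrom:x:24:johndoe,alice
audio:x:29:alice
plugdev:x:46:johndoe'

# Print the supplementary groups of USER, reading /etc/group-format lines from
# stdin (the primary group lives in /etc/passwd and is left alone here).
supplementary_groups() {
    awk -F: -v u="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) print $1
    }'
}

# Dry run: print the deluser commands that would drop USER from every
# supplementary group except those named in KEEP (space separated), so the
# plan can be reviewed before anything is changed.
plan_group_removal() {
    user=$1; keep=$2
    supplementary_groups "$user" | while IFS= read -r g; do
        case " $keep " in
            *" $g "*) ;;                       # membership we want to keep
            *) echo "deluser $user $g" ;;
        esac
    done
}

# Print a sudoers fragment for a non-root admin limited to package and service
# commands: the fine-grained control sudo gives over a full root login.
# Command paths are assumptions; adjust them to the local system.
sudoers_fragment() {
    printf '%s\n' \
        "Cmnd_Alias PKG = /usr/bin/apt-get, /usr/bin/dpkg" \
        "Cmnd_Alias SVC = /bin/systemctl restart *, /bin/systemctl status *" \
        "$1 ALL=(root) PKG, SVC"
}

# Syntax-check a fragment file before installing it under /etc/sudoers.d/.
# Returns visudo's status (0 = valid), or 2 when visudo is not installed.
check_sudoers_fragment() {
    command -v visudo >/dev/null 2>&1 || return 2
    visudo -c -q -f "$1"
}
```

Review the printed deluser plan and the fragment, then apply them as root; the fragment must be installed with mode 0440 or visudo will reject it.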
