gdm and sudo question
DXpublica at telefonica.net
Fri Mar 11 11:51:44 CST 2005
I observe that in gdm.conf there are the lines:
# Reboot, Halt and suspend commands, you can add different commands
# separated by a semicolon and gdm will use the first one it can find
RebootCommand=/sbin/shutdown -r now "Rebooted from gdm menu."
HaltCommand=/sbin/shutdown -h now "Halted from gdm menu."
SuspendCommand=/usr/sbin/pmi action sleep
HibernateCommand=/usr/sbin/pmi action hibernate
and I asked if this should be substituted by "sudo [command]" and put gdm in
sudoers file that "only" could shutdown the system (perhaps a good solution
was add a group called "shutdowners" and add gdm to that group).
I ask that because ubuntu has a "secure policy" that root account is disable
by default and "only" root should could shutdown, isn't?
What do you think about that?. I ask you with the best intention, as a desktop
user that follow ubuntu movement.
Thank you very much,
PS: For the other hand, a trouble (this is not important; I'm sure it's
My sudoers file (that is default file) is:
# User privilege specification
root ALL=(ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
and groups is:
gdm not belongs to admin. So why it can shutdown my system?
More information about the ubuntu-devel