multi-user solution
Michael R Head
burner at suppressingfire.org
Thu Apr 21 02:02:45 UTC 2005
On Wed, 2005-04-20 at 20:41 -0500, Jesse Haubrich wrote:
> Jim, your right. I was being a closed minded about the situation. I'm
> just as bad as the windows users who whine about having to enter a pass
> at every turn :P
>
> I'm going disable the root account and give the ubuntu user scheme a
> whirl. I suppose my biggest concern was security, but when I think about
> it - I honestly can't figure why having a root account would be more
> secure. The fact is, that when we give a root password to a user the
> user account essentially becomes a superuser anyway.
>
> My hat is off to ubuntu for their boldness.
>
> Is there a switch for adduser to automatically add users to the sudoers?
Just "sudo adduser <some user> admin" after you've created that other
account. Since your /etc/sudoers should have
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
at the bottom, anyone in that group should be able to use sudo for
anything.
This is also available in the graphical "Users and Groups" admin tool.
Just select a user, click properties, select the "User privileges" tab
and enable the "Executing system administration tasks" checkbox.
mike
>
> JKH
>
>
>
>
> On Thu, 2005-04-21 at 12:07 +1200, Jim Cheetham wrote:
> > On Wed, 2005-04-20 at 18:38 -0500, Jesse Haubrich wrote:
> > > Does anybody know how to setup a classic UNIX style root and user
> > > account system. I love ubuntu, but this 'sudo' stuff has got to go.
> >
> > Just assign a password to root, and you'll have what you want.
> > "sudo passwd root" would work.
> >
> > > If I add the new accounts to the 'sudoers' file, I'll effectively have
> > > multiple passwords to access the super-user account. Doing this just
> > > doesn't feel right.
> >
> > Sure - sudo-style activities are perfect for a large operation where
> > there are "operators" as well as admins. sudo can assign access in a far
> > more fine-grained manner than su can - i.e. you can permit only a
> > handful of commands to be run as root (and block sub-shells from them
> > too).
> >
> > Plus, if one of the users "leaves", you can deny them root access
> > without the other users having to know that anything has changed. If you
> > change the root password, all the current users have to know about the
> > change.
> >
> > > I understand having the 'sudo' set up this way for the windows migrants
> > > to get adjusted; which seems fine, but there should be a way for us UNIX
> > > weenies to have our way too ;)
> >
> > Ah, you just want what you're already used to. No problem - you can have
> > it :-) It's just not the default :-)
> > --
> > -jim cheetham = jim at egressive dot com
> > www.egressive.com, www.effusiongroup.com
> >
> >
>
>
--
Michael R Head <burner at suppressingfire.org>
GPG: http://www.suppressingfire.org/~burner/gpg.key.txt (ID 23A02B1F)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050420/5a09ed2c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050420/5a09ed2c/attachment.sig>
More information about the ubuntu-users
mailing list