multi-user solution

Jesse Haubrich jesse.haubrich at gmail.com
Thu Apr 21 03:57:49 UTC 2005


Thanks mike, That's perfect!



On Wed, 2005-04-20 at 22:02 -0400, Michael R Head wrote:
> On Wed, 2005-04-20 at 20:41 -0500, Jesse Haubrich wrote: 
> > Jim, your right. I was being a closed minded about the situation.  I'm
> > just as bad as the windows users who whine about having to enter a pass
> > at every turn :P
> > 
> > I'm going disable the root account and give the ubuntu user scheme a
> > whirl. I suppose my biggest concern was security, but when I think about
> > it - I honestly can't figure why having a root account would be more
> > secure. The fact is, that when we give a root password to a user the
> > user account essentially becomes a superuser anyway. 
> > 
> > My hat is off to ubuntu for their boldness.
> > 
> > Is there a switch for adduser to automatically add users to the sudoers?
> 
> Just "sudo adduser <some user> admin" after you've created that other
> account. Since your /etc/sudoers should have 
> 
> # Members of the admin group may gain root privileges
> %admin  ALL=(ALL) ALL
> 
> at the bottom, anyone in that group should be able to use sudo for
> anything.
> 
> This is also available in the graphical "Users and Groups" admin tool.
> Just select a user, click properties, select the "User privileges" tab
> and enable the "Executing system administration tasks" checkbox.
> 
> mike
> 
> > 
> > JKH
> > 
> > 
> > 
> > 
> > On Thu, 2005-04-21 at 12:07 +1200, Jim Cheetham wrote:
> > > On Wed, 2005-04-20 at 18:38 -0500, Jesse Haubrich wrote:
> > > > Does anybody know how to setup a classic UNIX style root and user
> > > > account system. I love ubuntu, but this 'sudo' stuff has got to go.
> > > 
> > > Just assign a password to root, and you'll have what you want.
> > > "sudo passwd root" would work.
> > > 
> > > > If I add the new accounts to the 'sudoers' file, I'll effectively have
> > > > multiple passwords to access the super-user account. Doing this just
> > > > doesn't feel right. 
> > > 
> > > Sure - sudo-style activities are perfect for a large operation where
> > > there are "operators" as well as admins. sudo can assign access in a far
> > > more fine-grained manner than su can - i.e. you can permit only a
> > > handful of commands to be run as root (and block sub-shells from them
> > > too).
> > > 
> > > Plus, if one of the users "leaves", you can deny them root access
> > > without the other users having to know that anything has changed. If you
> > > change the root password, all the current users have to know about the
> > > change.
> > > 
> > > > I understand having the 'sudo' set up this way for the windows migrants
> > > > to get adjusted; which seems fine, but there should be a way for us UNIX
> > > > weenies to have our way too ;)
> > > 
> > > Ah, you just want what you're already used to. No problem - you can have
> > > it :-) It's just not the default :-)
> > > -- 
> > > -jim cheetham = jim at egressive dot com
> > > www.egressive.com, www.effusiongroup.com
> > > 
> > > 
> > 
> > 
> -- 
> Michael R Head <burner at suppressingfire.org>
> GPG: http://www.suppressingfire.org/~burner/gpg.key.txt (ID 23A02B1F)





More information about the ubuntu-users mailing list