multi-user solution
Jesse Haubrich
jesse.haubrich at gmail.com
Thu Apr 21 03:57:49 UTC 2005
Thanks mike, That's perfect!
On Wed, 2005-04-20 at 22:02 -0400, Michael R Head wrote:
> On Wed, 2005-04-20 at 20:41 -0500, Jesse Haubrich wrote:
> > Jim, your right. I was being a closed minded about the situation. I'm
> > just as bad as the windows users who whine about having to enter a pass
> > at every turn :P
> >
> > I'm going disable the root account and give the ubuntu user scheme a
> > whirl. I suppose my biggest concern was security, but when I think about
> > it - I honestly can't figure why having a root account would be more
> > secure. The fact is, that when we give a root password to a user the
> > user account essentially becomes a superuser anyway.
> >
> > My hat is off to ubuntu for their boldness.
> >
> > Is there a switch for adduser to automatically add users to the sudoers?
>
> Just "sudo adduser <some user> admin" after you've created that other
> account. Since your /etc/sudoers should have
>
> # Members of the admin group may gain root privileges
> %admin ALL=(ALL) ALL
>
> at the bottom, anyone in that group should be able to use sudo for
> anything.
>
> This is also available in the graphical "Users and Groups" admin tool.
> Just select a user, click properties, select the "User privileges" tab
> and enable the "Executing system administration tasks" checkbox.
>
> mike
>
> >
> > JKH
> >
> >
> >
> >
> > On Thu, 2005-04-21 at 12:07 +1200, Jim Cheetham wrote:
> > > On Wed, 2005-04-20 at 18:38 -0500, Jesse Haubrich wrote:
> > > > Does anybody know how to setup a classic UNIX style root and user
> > > > account system. I love ubuntu, but this 'sudo' stuff has got to go.
> > >
> > > Just assign a password to root, and you'll have what you want.
> > > "sudo passwd root" would work.
> > >
> > > > If I add the new accounts to the 'sudoers' file, I'll effectively have
> > > > multiple passwords to access the super-user account. Doing this just
> > > > doesn't feel right.
> > >
> > > Sure - sudo-style activities are perfect for a large operation where
> > > there are "operators" as well as admins. sudo can assign access in a far
> > > more fine-grained manner than su can - i.e. you can permit only a
> > > handful of commands to be run as root (and block sub-shells from them
> > > too).
> > >
> > > Plus, if one of the users "leaves", you can deny them root access
> > > without the other users having to know that anything has changed. If you
> > > change the root password, all the current users have to know about the
> > > change.
> > >
> > > > I understand having the 'sudo' set up this way for the windows migrants
> > > > to get adjusted; which seems fine, but there should be a way for us UNIX
> > > > weenies to have our way too ;)
> > >
> > > Ah, you just want what you're already used to. No problem - you can have
> > > it :-) It's just not the default :-)
> > > --
> > > -jim cheetham = jim at egressive dot com
> > > www.egressive.com, www.effusiongroup.com
> > >
> > >
> >
> >
> --
> Michael R Head <burner at suppressingfire.org>
> GPG: http://www.suppressingfire.org/~burner/gpg.key.txt (ID 23A02B1F)
More information about the ubuntu-users
mailing list