[OT] sudo, why not su?
J.Markoll
j.markoll at free.fr
Wed Aug 10 11:45:04 UTC 2005
Colin Watson a écrit :
> On Wed, Aug 10, 2005 at 07:55:38AM +0100, Magnus Therning wrote:
>
>>If you want to make it possible for everyone in the adm group to run all
>>commands you can add the following line:
>>
>> %adm ALL=(ALL) ALL
>
>
> Please, please don't do this. The adm group is only intended for reading
> files in /var/log (as /usr/share/doc/base-passwd/users-and-groups.txt.gz
> says); it's supposed to be safe to add users to the adm group in the
> knowledge that all they can do with it is read some log files. It will
> be horrible if people start using it for root-equivalence instead.
>
> We use the admin group for sudo instead.
>
> Cheers,
Thanks for these important precisions. Mostover, I once wondered what
was the difference from 'admin' group and 'adm' group, now you gave the
answer :)
Conclusion, what could be added to /etc/sudoers file in order to allow
root access to all would be:
> %admin ALL=(ALL) ALL
J.Markoll.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050810/b472e1b6/attachment.sig>
More information about the ubuntu-users
mailing list