Easy way/script to add another user like me?

Joe(theWordy)Philbrook jtwdyp at ttlc.net
Thu Mar 2 17:36:45 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



It would appear that on Feb 26, Tommy Trussell did say:

> I believe on all recent versions of Ubuntu, I believe all you have to
> do to give a user sudo privileges is to add them to the admin group.
> (I'm not in front of my system right now or I'd tell you for sure.)
> You CAN edit the sudoers file, but the way it's set up you won't need
> to.

I don't know about that, I thought there should be a little more to it,
but you got me to do a simple test... 

I have a secondary login I use for certain tasks with a login name of
joker. I used my root account to add joker to the "admin group" via
usermod. Only I 1st had to create the admin group first*? 

   *(I installed breezy from the cd with the expert mode
     so as to get a little more control over the process,
     and because I always configure certain applications
     such as pine, and especially mc to my liking, and put
     the appropriate .files in /etc/skel before I create
     the user account's I actually use, I didn't use the
     installer to set up a 1st user because I most
     certainly didn't want my initial test user account to
     be a sudoer...)

Perhaps when ubuntu automatically sets up the "1st user account" it then
does more with the group name "admin" than simply creating such a group
with "groupadd admin" and adding the user to it with "usermod -G" ??
Or perhaps it's something that gets done to the sudoers file???

Anyway this is the result of trying to use sudo with joker after
verifying membership in admin...

# undefined -> /home/joker
# > grep admin /etc/group
# lpadmin:x:106:
# admin:x:114:joker
# undefined -> /home/joker
# > sudo apt-get update
# joker is not in the sudoers file.  This incident will be reported.
# undefined -> /home/joker
# >



> And I'm a living example of someone who HASN'T set up root on any of
> the Ubuntu systems I've installed. So far I have not found a single
> situation where I've needed it. Not that there isn't -- I know some
> folks feel like they have to have it, so of course it can always be
> added.

And I'm a guy who uses more than one linux distro (multi-boot) and I
want my methods of administering to them to remain consistent... Thus I
insist on a working root account...

For me the only security advantage that I believe "sudo" really has
over "su root -c" (that an outside "attacker" has a better chance of
cracking the root password because they already know the username is
"root") is of no consequence when my system is behind a router that
doesn't forward ANY ports thus preventing remote logins.

So I don't see the advantage of learning how to manually set up said
sudoer account. Now if there was a root script for adding sudoers that
automatically walked me through all the steps that the installer would
have done if I let it create my 1st user for me, I'd be very interested
in checking it out.

Though, if I were to start using sudo instead of an active root account
I would want to set up a single special full root privilege access
account. That any user whom I entrusted with the password to that account
can then use su with the sudoers account password to get to where they
can use sudo to do the root stuff. That's because I expressly don't want
any generic account that is used for everyday stuff to have it's own
password be enough to get access to root privileges...


   #############################################################
   ##_if_you'd_prefer_an_clearsigned_".asc"_text_file_of_this_##
   ##message_as_an_mime_encoded_attachment,just_ask_me_while__##
   ##it's_STILL_IN_my_outbox_folder_._._._=+=+=+=+=+=+=+=+;-)_##
   #gpg sig for: Joe (theWordy) Philbrook DSA key ID 0x6C2163DE#
   # You can find my public gpg key at http://pgpkeys.mit.edu/ #
   #############################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEBytxRZ/61mwhY94RAjdhAJwOIbX0e/S/+3IpKhBpX5lRO1KJrgCfWj/3
oIEI6ehs99dsZVSQ+zy4JzI=
=k4dC
-----END PGP SIGNATURE-----
-- 
|				      ---   ---
|     Joe (theWordy) Philbrook	      <o>   <o>
|	   J(tWdy)P			  ^
|	<<jtwdyp at ttlc.net>>		/---\	"bla bla bla..."
|					\___/	"...and bla..."

   At least I know my mouth is running, I just can't find the off button!





More information about the ubuntu-users mailing list