sudo and /etc/sudoers
Derek Broughton
derek at pointerstop.ca
Wed Dec 31 14:15:07 UTC 2008
Matthew Flaschen wrote:
> Res wrote:
>
>> users should never be able to run root programs. this might be fine for
>> your lil home 1337 b0x3n, but not fine in the real world.
>
> That's bull. There are plenty of cases where it's safe to let users run
> certain apps as root. /sbin/ifup is just one obvious example.
>
Also, sudo is not just for root access. I'm a DBA - much of my Postgres
admin has to be done as user postgres - who doesn't actually have a
password. So there are two ways in:
sudo -u postgres COMMAND
or
su postgres -c COMMAND
There's no way that somebody whose only admin function is as a DBA should
need the root password - and equally no good reason to make "postgres" a
login account.
More information about the ubuntu-users
mailing list