Users and Groups ID

NoOp glgxg at sbcglobal.net
Sun Jun 22 19:26:32 UTC 2008


On 06/22/2008 11:12 AM, Chris Rees wrote:
>> From: NoOp <snip> wrote:
[snip]
>>>>
>>>> Just a hint:
>>>> There's no need to have sudo call the program 'su' to get a login
>>>> shell for root. The following is shorter and simpler:
>>>>
>>>> sudo -i
>>>
>>> You are correct.  I keep forgetting about the -i option.  Earlier
>>> versions of sudo did not have the -i option.  Old habits die hard. ;-)
>>
>> Just
>>
>> su
>>
>> will work just fine.
>>
> 
> Not when the first line of /etc/shadow reads:
> 
> root:!:13930:0:99999:7:::
> 
> su requires a password; by default Ubuntu has the password 'starred'
> (or banged as it appears :S)
> 
> Chris
> 

Correct - I tend to forget about the 'sudu -l' option which is indeed
safer than 'su' as you do not need to enable a password for root and
keeps you in the user environment:

-i  The -i (simulate initial login) option runs the shell specified in
the passwd(5) entry of the user that the command is being run as.
The command name argument given to the shell begins with a - to
tell the shell to run as a login shell.  sudo attempts to change to
that user’s home directory before running the shell.  It also ini‐
tializes the environment, leaving TERM unchanged, setting HOME,
 SHELL, USER, LOGNAME, and PATH, and unsetting all other environment
variables.  Note that because the shell to use is determined before
the sudoers file is parsed, a runas_default setting in sudoers will
specify the user to run the shell as but will not affect which
shell is actually run.

Note: there is no need send to the list user on your replies - all are
subscribed anyway so all you need to do is reply to the list.






More information about the ubuntu-users mailing list