sudo versus #

Rashkae ubuntu at tigershaunt.com
Thu Feb 11 00:28:00 UTC 2010 

KAYVEN RIESE wrote:
> On Wed, 10 Feb 2010, Tom H wrote:
> 
>> You can change the password behaviour of sudo by adding one of the
>> following to /etc/sudoers
>>
>> Defaults rootpw - expect root's password
> 
> I may be bordering on trolling (? trying to figure this one out) with my 
> insecurity here, but now I should be good to go, right?
> 
> [:: command line clip ::]
> 
> 
> root at kayve-laptop:/etc# pwd
> /etc
> root at kayve-laptop:/etc# cat sudoers
> # /etc/sudoers
> #
> # This file MUST be edited with the 'visudo' command as root.
> #
> # See the man page for details on how to write a sudoers file.
> #
> 
> Defaults	env_reset
> Defaults 	rootpw
> 
> # Host alias specification
> 
> # User alias specification
> 
> # Cmnd alias specification
> 
> # User privilege specification
> root	ALL=(ALL) ALL
> 
> # Uncomment to allow members of group sudo to not need a password
> # (Note that later entries override this, so you might need to move
> # it further down)
> # %sudo ALL=NOPASSWD: ALL
> 
> # Members of the admin group may gain root privileges
> %admin ALL=(ALL) ALL
> root at kayve-laptop:/etc#
> 
> [:: end clip ::]
> 
> 
>> -- 
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
> 
> *----------------------------------------------------------*
>    Kayven Riese, BSCS, MS (Physiology and Biophysics)
>    (415) 902 5513 cellular
>    http://kayve.net
>    Webmaster http://ChessYoga.org
> *----------------------------------------------------------*
> 

I would suggest you don't go around changing or disabling sudo unless 
you understand it better. You'll only end up causing yourself grief that 
no one will be able to untangle..

Launch gconf-editor, Open Apps -> gksu and take the check mark off 
sudo-mode.  Then the programs that use gksu will need root password (su 
mode) just as you're used too.

That does not take care of policy-kit however, which is a different 
kettle of fish entirely.  Policy-kit are mostly those windows that have 
an "Unlock" button.  Probably the easiest way to prevent your user 
password from unlocking those is to remove your user from the "Admin' 
Group,, but be certain that your root password, su and gksu are working 
as you expect fist.

More information about the ubuntu-users mailing list