24.10.2025, 05:28 UhrDeutsch | English
Hallo Gast [ Registrierung | Anmelden ]

Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
Autor Nachricht
coady
Titel: Adding user to sudo group?  BeitragVerfasst am: 28.10.2006, 08:16 Uhr



Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
Is it a good idea to set up a "user_name" account to belong to the "sudoer" group in order to run commands from the console... rather than to changing to "root"?

If so, how should I go about doing this? Or, can anyone advise of a different way to setup. I have a "user_name" account which I login with, and a "root" password which I enter when prompted (either in the console or desktop shell).

Thanks. coady
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
devil
Titel: Adding user to sudo group?  BeitragVerfasst am: 28.10.2006, 08:39 Uhr
Team Member
Team Member


Anmeldung: 06. Mai 2005
Beiträge: 3087
Wohnort: berlin
i use yakuake as console and always have a few instances of it open, like 1 for user, 1 for root, 1 for htop and whatever i need. so F12 will give me what i need real fast. very comfortable and no need for sudo.

greetz
devil

_________________
<<We are Xorg - resistance is futile - you will be axximilated>>

Host/Kernel/OS "devilsbox" running[2.6.19-rc1-git5-kanotix-1KANOTIX-2006-01-RC4 ]
CPU Info AMD Athlon 64 3000+ clocked at [ 803.744 MHz ]
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Swynndla
Titel: RE: Adding user to sudo group?  BeitragVerfasst am: 28.10.2006, 08:46 Uhr



Anmeldung: 05. Dez 2005
Beiträge: 414
Wohnort: Auckland, New Zealand
If you google then you'll find there are two schools of thought on this.

One school of thought says that sudo shouldn't be used for security reasons, as it's effectively creating a 2nd root account, as if someone knows your password then they can do things as root. It means that someone has more than one password to try and crack: root's, and yours ... and so you might have doubled the chance of someone cracking an important password. People who say this will say that you should use "su" or even better "sux".

The other school of thought says that it's damn useful to have sudo. If you want to add a user the sudoers list, then do as root:
visudo
... it'll open it up in your default command line editer (you must know how to use this) and under:
root ALL=(ALL) ALL
put:
xxxx ALL=(ALL) ALL
... where xxxx is your username. Save and exit. You may have to log out and in again for it to take affect. Now, with normal debian sudo, it'll ask you for the user's password (not root's password) and remember that for 15 minutes, so that you don't have to keep typing in your password, but there is a bug in kanotix (and knoppix) where it'll never ask you for you password, and this makes sudo even more unsecure.

_________________
Linux is evolution, not intelligent design - Linus Torvalds
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
coady
Titel: RE: Adding user to sudo group?  BeitragVerfasst am: 28.10.2006, 08:54 Uhr



Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
Thanks for your response. Could you explain what "yakuake" is and how I should use it? (Sorry...)

Also, I am going crazy with a password problem. I even did a clean install last night thining that might resolve it (I have a lot to learn!).

I can still open a console and run:
su
"my_passwd"
and get root.

The problem is I am not too familiar with doing complex things from the console YET, and have been using a root level text editor to "point and click" then edit files (old windows habits die hard, unfortunately). But I can't open these editors now. I can't change anthing from the desktop (e.g. time, add user account, nothing!) I am not sure why this happened.

Please help.
coady
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
coady
Titel: RE: Adding user to sudo group?  BeitragVerfasst am: 28.10.2006, 09:32 Uhr



Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
OK, Thanks. It sounds like it is better not to use "sudo".

Also, do you know how can I resolve the problem (above) where, in the desktop shell, I am prompted for my "root_passwd" but it is no accepted. As I said, it is still valid in switching to root in a console window (i.e. "su" then "passwd").
coady
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
shame
Titel:   BeitragVerfasst am: 28.10.2006, 09:32 Uhr



Anmeldung: 16. Apr 2006
Beiträge: 207
Wohnort: England
Zitat:
there is a bug in kanotix (and knoppix) where it'll never ask you for you password, and this makes sudo even more unsecure

Remove user from the sudoers group and use
Code:
username  ALL=(ALL) ALL
in /etc/sudoers.
Or if you want multiple users to use sudo create a group called wheel or admin or whatever and add the users to that group and use this as the line in /etc/sudoers -
Code:
%wheel  ALL=(ALL) ALL

Also, to make it ask for a password more often add this (probably has to be above the other lines)
Code:
Defaults timestamp_timeout=1

Change the value to 0 to make it ask for a password every time.
When I first tried using sudo on kanotix it took me ages to work out how to get it to ask for password.

_________________
sidux 32 & 64 | PCLinuxOS | PC-BSD
repository of shame - compiz fusion & beryl repo for debian Sid/Lenny/Etch | 32-bit | 64-bit
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
coady
Titel:   BeitragVerfasst am: 28.10.2006, 09:45 Uhr



Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
If I don't want to use "sudo" how do I resolve the current password issue (sorry if I am missing something here, and also there are some time problems between posts...).
coady
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
piper
Titel:   BeitragVerfasst am: 28.10.2006, 17:00 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
Try ALT+CTL+F1 (log in as root)

Code:
passwd <username>


change your password

If you are looking to just edit a file, right click on that file > actions > edit as root > a prompt will show to enter your root password, then edit, save & exit

To use yakuake go to

Code:
kmenu > lost & found > yakuake


wait for it to load, then press F12, right click anywhere on it > settings > save as default, restart x (ALT+CTL+Backspace) then anytime you need a console press F12

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
coady
Titel:   BeitragVerfasst am: 28.10.2006, 17:15 Uhr



Anmeldung: 19. Okt 2006
Beiträge: 41
Wohnort: Berlin
Thanks piper!
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Beiträge vom vorherigen Thema anzeigen:     
Gehe zu:  
Alle Zeiten sind GMT + 1 Stunde
Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
PNphpBB2 © 2003-2007 
 
Deutsch | English
Logos and trademarks are the property of their respective owners, comments are property of their posters, the rest is © 2004 - 2006 by Jörg Schirottke (Kano).
Consult Impressum and Legal Terms for details. Kanotix is Free Software released under the GNU/GPL license.
This CMS is powered by PostNuke, all themes used at this site are released under the GNU/GPL license. designed and hosted by w3you. Our web server is running on Kanotix64-2006.