[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 30/03/17 18:21, Neil via list wrote: > On 30/03/17 13:10, Brad Rogers via list wrote: >> On Thu, 30 Mar 2017 12:24:20 +0100 >> Neil via list <list@xxxxxxxxxxxxx> wrote: >> >> Hello Neil, >> >>> possible/easy to set one password to log on and another one to use with >>> sudo? And secondly, if so, is it a good idea? >> >> Not with one user. Martin suggests a method that works, but you need to >> change user to perform any admin; Switch to admin user, then perform >> admin tasks. That requires logging into a second account, then issuing >> an "sudo....blah, blah". Multi-staging like that gets old pretty >> quickly. Kind of negates the whole point of sudo, which is to give >> users limited, short-term, access to privileged commands. >> >> >> > Yes, I see that. Obviously I have been using the one user plus sudo > system for years. I suppose if I change the root password it will > automatically change the log on password too. > > Neil > I'm not sure when it happened, but it became <debuntu> policy not to set the root password. In Gentoo (for example) you have to explicitly install the 'sudo' package, so they do expect you to set a root password, although I don't normally. I've also had to add packages for 'kdesudo' (for KDE packages which need elevated privileges) or 'gksudo' (for gnome-based apps). You don't use 'sudo' if there's a root password set, you can just use 'su' (instead of prompting for the user password, you enter the root password). You may wish to check/change your /etc/sudoers and /etc/sudoers.d config files to relinquish control (see man pages) for normal users. You can also check whether your users are members of the 'sudoers' or 'wheel' group, which also 'allow' you to use the sudo command. Any failed use of the commands, are always logged to the syslog. **[You as in the royal 'one', as in the royal 'we'] HTH, BR, Michael.
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq