Date: Wed, 8 Aug 2001 12:07:02 +0200 (CEST) From: =?iso-8859-1?q?m=20p?= <sumirati@yahoo.de> To: chip.wiegand@simrad.com Cc: freebsd-questions@freebsd.org Subject: Re: Sudo Was: Re: Solved: Was:Re: root/superuser account - big problem - please help Message-ID: <20010808100702.25638.qmail@web13306.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
First, my apologies for top-posting, I am stuck with Lotus Notes and it sucks for an email client (here at work). I don't know if it handles inline replies properly. > I have heard of but not tried sudo. You mention that it allows the user to > do everything the root > can do, but without the password. Is this a good thing? I can't imagine > how. Why not just use the > root account? I wouldn't want to configure any group to do everything root > can do, considering > the other person who needs to be in that group. (He's only there in case I > leave this place, and is > clueless in anything other than NT.) > I just installed sudo since writing that last paragraph, so I'll be trying > it. > Regards, > Chip Hi, please take a look at /usr/local/etc/sudoers.sample This file gives you an excellent overview of the possibilities (and dangers) while configurating. You can add for your UID that you can type "sudo reboot" (or any other command) with or without YOUR password. So no one can type "sudo reboot" while you are not at your place and without knowing your password. The example would be like (assumed your UID is 'chip') chip ALL = REBOOT, SU you will need a password (if not add the following line) on all computers (which can be accessed via rsh/rlogin mechanism) the commands in the groups REBOOT and SU. Example with no passwd: chip ALL = NOPASSWD: REBOOT, SU For my original mail i assumed, that you trust! all users in the WHEEL-group - therefore you would not have to implement all kind of security. Hope that helps Marc __________________________________________________________________ Do You Yahoo!? Gesendet von Yahoo! Mail - http://mail.yahoo.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010808100702.25638.qmail>