Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm running Kubuntu Edgy Eft and have a simple question about root and non-root users.
I'm clear about not logging in as root, and about using sudo. No problem. What I'm wondering about is increasing the "power" of non-root users. I'm the only user of my system, and it's a little annoying to have to enter my password to make small changes (e.g., changing the time).
Is there any way I can choose what non-root users are allowed to do and not do? My install is new, so I'm making lots of tweaks and have to keep entering my password. Not a huge deal, but it would be nice to avoid that for certain things.
If there's a way to do that (or as a second option, to increase the password-cache time from 15 minutes), I'd love to know it.
You can make it such that all members of the 'admin' group can perform admin tasks without entering their password (still using sudo) by changing one line in /etc/sudoers. To edit this file, run 'sudo visudo' from a console and add NOPASSWD: to the %admin line, as in:
if you edit /etc/sudoers you can change the entry for your normal user to have the NOPASSWD option, whic does exactly what it says on the tin. check the sudoers manpage for more details.
Well, it's a bad idea to use the root account regularly, but that doesn't mean you shouldn't ever use it. Just login as root, set everything up, then go back to your normal account when you're done. You'll prolly still find a few tweaks to do, which can be done with sudo.
Other option is to, at least temporarily, remove the password requirement for sudo: choose whatever editor you like, open '/etc/sudoers'. You'll see your username, some spaces, and prolly 'ALL = ALL', Change that to 'ALL = NOPASSWD: ALL' then save the file.
I recommend changing it back when you're done with the tweaking, though.
Edit: Wow, I'm slow. Guess I shouldn't take a bathroom break in the middle of typing a post...
Last edited by theedisoneffect; 04-15-2007 at 04:26 PM.
Well, it's not a bad thing to use it... it's there for a reason. It's bad to make a habit of using it, because of security risks and the fact that you have full control to inadvertently screw something up while running as root.
Basically, use it when you need the administrative power, don't when you don't. And when you're configuring the system for the first time, or having trouble installing drivers, or whatever, well, then you need the administrative power.
Well, it's a bad idea to use the root account regularly, but that doesn't mean you shouldn't ever use it. Just login as root, set everything up, then go back to your normal account when you're done. You'll prolly still find a few tweaks to do, which can be done with sudo.
Other option is to, at least temporarily, remove the password requirement for sudo: choose whatever editor you like, open '/etc/sudoers'. You'll see your username, some spaces, and prolly 'ALL = ALL', Change that to 'ALL = NOPASSWD: ALL' then save the file.
I recommend changing it back when you're done with the tweaking, though.
It may be better to use NOPASSWORD for individual commands. Look at the mount example in the the sudoers file. Then the command to change the time could be run by members of a group without having to enter a password. Also look at the option to have sudoers enter there own password instead of the root password. This way you don't need to give out the root password. Some distro's preconfigure the sudoers file to do it that way normally.
Quote:
Originally Posted by Black_Hand
Why is it a bad thing to use the root account? The root account is the only one i could get to install my sound drivers.
If you have a number of commands to run as root to install your sound drivers, it would be fine to su to root and then install your drivers. Then exit and become a regular user again. This is still a lot safer then logging in as root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.