LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   Make superuser be authenticated in DSL (Damn Small Linux) 4.4.10 (http://www.linuxquestions.org/questions/linux-software-2/make-superuser-be-authenticated-in-dsl-damn-small-linux-4-4-10-a-691905/)

flouran 12-20-2008 11:05 AM

Make superuser be authenticated in DSL (Damn Small Linux) 4.4.10
 
Hi Guys,
I am currently running a multiuser ssh server, and everytime I login with a limited account and I want to run a command, "rm -rf /" (I wouldn't do that of course, but hypothetically say I did), it requires me to be a superuser -- obviously. So, then I do, "sudo rm -rf /" (quotes omitted). However, DSL 4.4.10 doesn't prompt me for the superuser password but instead simply logs me in. For me, this is dangerous because I don't want other users to mess up the OS. I have set the root password, but now how do I set it to prompt a user for the password everytime s/he wants to do something that requires admin privileges (does it have something to do with pam_authenticate?)?

Simon Bridge 12-21-2008 10:44 PM

Um - surely it prompts you for a password the first time you use a sudo command?

Is this "normal user" account the one you created first?
What happens if you try this with another account?

flouran 12-21-2008 10:48 PM

Quote:

Originally Posted by Simon Bridge (Post 3383520)
Um - surely it prompts you for a password the first time you use a sudo command?

Is this "normal user" account the one you created first?
What happens if you try this with another account?

No it doesn't prompt me. And even when I try it with another account, I can just type "sudo rm -rf /" without authentication.

Simon Bridge 12-22-2008 12:18 AM

What happens when you log in locally, not ssh, and try a regular user?

Verify by creating a wholley new user called "test", with defaults, log in as test and check the sudo behaviour.

The use of sudo in controlled by the sudoers file.
Check that - people who are not sudoers cannot use sudo at all. People who are sudoers need authentication, unless otherwise specified in sudoers.

flouran 12-22-2008 08:17 AM

Quote:

Originally Posted by Simon Bridge (Post 3383571)
What happens when you log in locally, not ssh, and try a regular user?

Verify by creating a wholley new user called "test", with defaults, log in as test and check the sudo behaviour.

The use of sudo in controlled by the sudoers file.
Check that - people who are not sudoers cannot use sudo at all. People who are sudoers need authentication, unless otherwise specified in sudoers.

If I run "sudo su" or "sudo -s" then I must authenticate. But if I run, "sudo rm -rf /" I don't need to authenticate. Maybe something is wrong with pam_authenticate, I'm guessing?

flouran 12-22-2008 08:47 AM

By the way, how do I install packages in DSL? I tried "apt-get install <packagename?" (quotes omitted) under the root user because supposedly it is based off of Debian; however, it seems as though there is no apt-get.

flouran 12-22-2008 10:50 AM

Quote:

Originally Posted by flouran (Post 3383909)
If I run "sudo su" or "sudo -s" then I must authenticate. But if I run, "sudo rm -rf /" I don't need to authenticate. Maybe something is wrong with pam_authenticate, I'm guessing?

No, I fixed it. It has nothing to do with pam_authenticate. I just had to edit the /etc/sudoers file.

Simon Bridge 12-26-2008 10:59 PM

Well done - I was waiting for you to mention trying sudoers. Now for that other thing: apt-get in DSL


All times are GMT -5. The time now is 09:04 PM.