sudo changes the owner and the group of some my files and now I can't enter in X
I want to use k3b with my user totoro as root with sudo.
So I changed the file /etc/sudoers n this way:
# Host alias specification
Host_Alias SLACK = slack
# User alias specification
User_Alias TOTORO = totoro
# Cmnd alias specification
Cmnd_Alias MASTERIZZARE = /usr/bin/cdrecord, /opt/kde/bin/k3b
# Defaults specification
# User privilege specification
root ALL=(ALL) ALL
TOTORO SLACK= MASTERIZZARE
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
if I type sudo /opt/kde/bin/k3b
and the I type my password
but then the folders: .kde .qt and the file .ICEauthority change goup and owner. From totoro.users to root.root
so now I can't enter in X anymore.
I don't understand why. is there something wrog in my sudoers configuration?
Don't run it as root.
You probably need to add the "setuid" bit in the permissions of cdrecord. Do a search if that is your problem. - ie. if you can't burn cds as a normal user
what is it setuid?
Open a terminal and type "man setuid"!!
Basically, if you have the "setuid" bit set to 1 in the permissions of any executable file and allow all to run it, no matter who runs that file the process is always owned by the owner of the file.
So if root owns cdrecord and the setuid bit is on then it will always run as root.
to set the setuid bit:
chmod u+s /usr/bin/cdrecord
see also man chmod
I readed yes this man, but I dind't understan it. with chmod u+s /usr/bin/cdrecord and /usr/bin/cdrdao k3b works. so thansk!
But setuid allows everybody to use k3b, and I would like only my user can use it.
groupadd -g 110 burning
chgrp burning /usr/bin/cdrecord
chmod 754 /usr/bin/cdrecord
Then edit /etc/group and add your username:
I think there's a command for that but I can't remember.
note: you don't NEED to use the -g option - see man groupadd
Alternatively use the sudo command - see man sudo
As you can tell, it really helps YOU to read the man pages.
*edited for incorrect groupadd command*
edit 2: you still need the setuid bit after doing this
|All times are GMT -5. The time now is 10:27 AM.|