I use su
I have sudo installed, but I never bothered to configure it. Quote:
|
I very rarely use sudo, particularly in some scripts launched from a normal user console.
David |
I like ktsuss as a lightweight replacement for kdesu. :)
|
I rarely use su. My sudo was compiled to allow non-password use by myself as a member of group root. If I need to make large changes I will sudo to init 3, log in as root, and proceed to do the work needed from the ASCII console. Otherwise it's sudo to burn, sudo to read restricted files, etc.; any time I am restricted as a user from doing what I then wish to do in a "normal" functional manner.
Any time temporary root privileges are sufficient to do what I want, the rational restrictions of sudo are my safe way to use root. I figure if you need the graphic terminal to do what you want done, sudo is the preferred application to gain root; su is overkill, and VERY dangerous in a graphics environment. It's so easy to get it wrong. |
Quote:
|
Quote:
Here's the way to do it: http://www.ducea.com/2006/06/18/linu...sswd-nopasswd/ |
With sudo you can specify every & each command allowed per user and / or per group, requiring or not the users password to confirm.
I am not a big fan of sudo, as it might create security holes and I *HATE* configurations where ALL users can execute ALL commands on ALL hosts just by using sudo. If you set up your system like this you might as well let everybody log in as root. In some situations, you will need sudo. Sometimes you need to allow users to execute some commands in a shell script and without typing passwords. In this case, I think it's best to specify the full command with parameters in sudoers (like "killall xxxx", not just "killall") so that permissions are as limited as possible. I also prefer to allow groups to execute commands, not users, but this goes for most system administration tasks. For instance, if you need users of department "xyz" to execute a "killall abc" command, put them in a group like "dept_xyz" and give permission to this group to execute "killall abc" - not to ALL users and not the "killall" command in general. Used with caution sudo can be an ally, without, it can become your grave. |
Quote:
|
Quote:
Same goes for SELinux. If you don't configure it properly you can seriously mess up your system. Moral: If you're looking to make your system more secure, make sure you configure the tools you are using properly or you may be doing the opposite. |
For some tasks I use su and for some I use sudo.
When I want to start root’s session in terminal or xterm I use “su -”. When I want to run as root some graphical application I use “su”. It’s possible because I set in my .xinitrc the command “xhost `hostname`”: $ cat ~/.xinitrc Code:
xhost `hostname` # cat /etc/sudoers Code:
Defaults timestamp_timeout = 0 To make usage of sudo painless I put in my .bashrc a bunch of aliases: $ cat ~/.bashrc Code:
export PS1="\u@\h:\w\$ " |
All times are GMT -5. The time now is 11:06 AM. |