Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
03-15-2005, 02:23 PM
|
#1
|
Member
Registered: Nov 2004
Distribution: CentOS-4
Posts: 142
Rep:
|
root-a-like
ok - so i would like to avoid logging in as root as much as possible, but about 80% of the time if I log under some other account, I need root privlages. SU - just doesn't seem to be enough for me.
So - does anyone have any tips they can share on how to set-up an account that has the power of root, but doesn't let a person do anything 'dangerous'?
So I guess I want to be as close as root as possible without being root.
|
|
|
03-15-2005, 02:31 PM
|
#2
|
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507
Rep: 
|
1000
Well, having the power of root implies having the danger of root. A suitable alternative/middleground to the use of the root account is the sudo package. Sudo uses a file (/etc/sudoers) that contains a list of users, groups, and commands. Through this file, you could, for example, give a user full power of root, but require them to re-enter their password. Or, with the (NOPASSWD) option, without re-entering the password. Or you could limit a user to using, say, 'mount'. Or 'ifconfig'. Beware allowing sudo access to an editor: they could edit the sudoers file.
All the user has to do is prefix commands they wish to execute with elevated privileges with the 'sudo ' command. Under gentoo, I can allow a user to install software by giving them sudo access to 'emerge'. The user could then run 'sudo emerge k3b' to install k3b on the system.
Hope this helps!
|
|
|
03-15-2005, 02:44 PM
|
#3
|
Moderator
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
|
Of course, if you run you get to be root totally, then type exit to log out of root and be back at your own account. What's wrong with "su", does everything I need it to.
|
|
|
03-15-2005, 03:05 PM
|
#4
|
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507
Rep: 
|
I originally used sudo on a server where we wanted to give many users partially elevated privileges. Hence, the ideal situation of sudo. It also keeps me from "forgetting" that I'm logged in as root after I su.
I use su for longer tasks, but sudo if I just need to do one or two things. And, if sudo is configured to allow you to do ANYTHING without a password, you can do: 'sudo su -'  to save some typing. or alias rootme='sudo su -'. 6 characters to root!
In any case, I think sudo vs su is a lot like KDE vs Gnome: they both work, and different people swear by them.
|
|
|
All times are GMT -5. The time now is 06:02 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|