Why a user isn't opening by its own name while giving it root privileges ?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,363
Rep:
Quote:
Originally Posted by sunilchand
Yes, I understand that it's not good to change uid and gid value. It's rather to choose "Sudoers" file for the same.I have changed privilege of any user by editing this User1 ALL= (ALL: ALL) ALL.. Something like that.. But I want this command for some specific command not for all command.. How to do that?
Hi again sunilchand ... The usual way to use sudo is with the wheel group. Any user you want to be able to use the sudo command should be added to the group named "wheel". Then, edit the sudoers file (be careful to follow your distro's instructions on how to do this - should only be done with the visudo command) and uncomment the line giving members of the wheel group sudo privileges. This makes it easier thereafter to manage users' sudo privileges by simply adding them or deleting them from the wheel group.
Hi again sunilchand ... The usual way to use sudo is with the wheel group. Any user you want to be able to use the sudo command should be added to the group named "wheel". Then, edit the sudoers file (be careful to follow your distro's instructions on how to do this - should only be done with the visudo command) and uncomment the line giving members of the wheel group sudo privileges. This makes it easier thereafter to manage users' sudo privileges by simply adding them or deleting them from the wheel group.
Hope this helps.
Cheers :-)
He said he wants to give sudo permission for a specific command, not all commands. The entire concept of giving a regular user unlimited sudo access is a security problem and should be avoided, "wheel" group or otherwise.
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,363
Rep:
Quote:
Originally Posted by suicidaleggroll
He said he wants to give sudo permission for a specific command, not all commands. The entire concept of giving a regular user unlimited sudo access is a security problem and should be avoided, "wheel" group or otherwise.
suicidaleggroll ... I was approaching the OP's question with the understanding that the user for which the sudo access was required was not a "regular" user, but someone with an administrator role. If I misinterpreted the issue and this is not the case, I agree with your point.
suicidaleggroll ... I was approaching the OP's question with the understanding that the user for which the sudo access was required was not a "regular" user, but someone with an administrator role.
By "regular user" I mean a regular user account, aka anyone other than root. It doesn't matter if the person in control of that account is a user or an admin. There are special safeguards in place to lock down the root account, these safeguards do not apply to user accounts. Things like refusing to run web browsers as root, refusing to log into the GUI as root, disabled remote SSH access to the root account, etc. When a user account has full sudo access, they essentially become root, and these safeguards become null and void.
Last edited by suicidaleggroll; 01-27-2017 at 01:13 PM.
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,363
Rep:
Quote:
Originally Posted by suicidaleggroll
By "regular user" I mean a regular user account, aka anyone other than root. It doesn't matter if the person in control of that account is a user or an admin. There are special safeguards in place to lock down the root account, these safeguards do not apply to user accounts. Things like refusing to run web browsers as root, refusing to log into the GUI as root, disabled remote SSH access to the root account, etc. When a user account has full sudo access, they essentially become root, and these safeguards become null and void.
Well explained, thanks - I was not thinking of those particular safeguards when responding.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
