Hi Guys,
I am currently running a multiuser ssh server, and everytime I login with a limited account and I want to run a command, "rm -rf /" (I wouldn't do that of course, but hypothetically say I did), it requires me to be a superuser -- obviously. So, then I do, "sudo rm -rf /" (quotes omitted). However, DSL 4.4.10 doesn't prompt me for the superuser password but instead simply logs me in. For me, this is dangerous because I don't want other users to mess up the OS. I have set the root password, but now how do I set it to prompt a user for the password everytime s/he wants to do something that requires admin privileges (does it have something to do with pam_authenticate?)?

Um - surely it prompts you for a password the first time you use a sudo command?

Is this "normal user" account the one you created first?
What happens if you try this with another account?

No it doesn't prompt me. And even when I try it with another account, I can just type "sudo rm -rf /" without authentication.

What happens when you log in locally, not ssh, and try a regular user?

Verify by creating a wholley new user called "test", with defaults, log in as test and check the sudo behaviour.

The use of sudo in controlled by the sudoers file.
Check that - people who are not sudoers cannot use sudo at all. People who are sudoers need authentication, unless otherwise specified in sudoers.

If I run "sudo su" or "sudo -s" then I must authenticate. But if I run, "sudo rm -rf /" I don't need to authenticate. Maybe something is wrong with pam_authenticate, I'm guessing?

By the way, how do I install packages in DSL? I tried "apt-get install <packagename?" (quotes omitted) under the root user because supposedly it is based off of Debian; however, it seems as though there is no apt-get.

No, I fixed it. It has nothing to do with pam_authenticate. I just had to edit the /etc/sudoers file.

Well done - I was waiting for you to mention trying sudoers. Now for that other thing: apt-get in DSL