SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Summary:
1. As root, run "visudo" to edit the sudoers file
2. Add a line for the user you want. Most people just do "username ALL=(ALL) ALL" but some would argue this is not what sudo is meant for.
3. Save and quit
As mentioned, the normal way is to use the /usr/sbin/visudo command.
Technically you do not have to use visudo, but the /etc/sudoers file normally has 440 permissions. To manually edit sudoers without visudo requires manually changing the permissions, edit the file, hope you do not make any silly editing mistakes, and then reset the permissions. Do know that sudo complains if the permissions of /etc/sudoers is not 440.
Thus the basic advice is just use visudo. As you can guess from the command name, the default editor that is used is vi. Elvis is the default vi in the stock Slackware. Fortunately, the stock Slackware build script uses the --with-env-editor build option. If you set the EDITOR or VISUAL environment variable to your preferred console text editor, then you will not be forced to use vi to edit the /etc/sudoers list. I use mcedit.
If you set the EDITOR or VISUAL environment variable to your preferred console text editor, then you will not be forced to use vi to edit the /etc/sudoers list.
Like this:
Code:
EDITOR=your-favorite-editor visudo
visudo is not the only command that relies on the EDITOR variable. You can add this line to your ~/.bashrc if you want your editor setting to stay:
Code:
export EDITOR=your-favorite-editor
I'm not sure if you have to specify the full path or just the name. I'd put in the full path, just to be safe.
After you have added your user account you might want to update your user's $PATH to include /sbin and /usr/sbin so that you don't have to type the full path for admin commands when running them with sudo
Distribution: Slackware (personalized Window Maker), Mint (customized MATE)
Posts: 1,309
Rep:
The more sophisticated /etc/sudoers file than:
Code:
username ALL=(ALL) ALL
would be:
Code:
Defaults timestamp_timeout = 0
User_Alias FULL = john
User_Alias PART = mary
Cmnd_Alias KILL = /bin/kill, /bin/killall
Cmnd_Alias HALT = /sbin/reboot, /sbin/halt, \
/usr/local/bin/suspend
Cmnd_Alias MOUNT = /bin/mount, /bin/umount
root ALL = (ALL) ALL
FULL ALL = NOPASSWD: KILL, HALT, MOUNT
PART ALL = PASSWD: KILL, HALT, \
NOPASSWD: MOUNT
As you can see in this case user john has full access to all commands while user mary has restricted access to kill, killall, reboot, halt commands and suspend script (she have to confirm these commands using her password).
Ubuntu and friends totally bastardised/mis-used it making it seem to be the be-all and end-all of user safety/security.
Indeed, I have said this elsewhere but I think it is worth repeating here. For a home desktop/laptop set-up in particular, where typically only one person admins the machine there is no real advantage to sudo.
Consider if I wanted to run the fake command 'example' once as a root user. Here is what I would actually have to type (where $password is my actual password).
Using su:
su[Enter]$password[Enter]example[Enter][Ctrl]+d
(Note: That is '[Ctrl]' and 'd' together to exit the root session, you obviously aren't typing the '+' character)
Using sudo:
sudo[space]example[Enter]$password[Enter]
Ignoring the characters needed that are the same in both cases (i.e. 'example' followed by [Enter] and your password followed by [Enter]), you have to type 5 key presses to execute a single command as root via 'su' (s u [Enter] [Ctrl] d) and 5 key presses to execute a single command as root via 'sudo' (s u d o [space]). Or to put it another way, you save nothing using sudo.
If however you wanted to type two or more commands as root, you immediately start saving on the key presses by using 'su' instead of 'sudo'. Yes the second 'sudo' command does not require a password but as long as you have not closed your root session yet (i.e. no Ctrl+d) you don't have to type your password again with 'su' either and you save having to write 'sudo' for every single line.
There is also the point that outside of distros where 'sudo' is preconfigured (e.g. Ubuntu and derivatives) you save time configuring '/etc/sudoers' and setting up various admin variables for your regular user.
Indeed the other nice thing with using 'su' is that you can just open a root terminal for all your admin needs and you decide if and when you should close it, rather than relying on preconfigured time-out periods with 'sudo'.
This allows me to shut down my pc via the fluxbox menu without giving me permission to use any other root commands.
For all other root functions, I use "su".
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.