LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 10-16-2014, 02:30 AM   #1
kikinovak
MLED Founder
 
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: CentOS, OpenSUSE
Posts: 3,453

Rep: Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154
Membership in sudo group


Hi,

I practically never use the sudo command on a Linux system. Either I work as a normal user. Or I switch to the root account using 'su -' for administrative tasks. In the rare case I have to work on a Ubuntu server, first thing I do is activate the root account.

On a Slackware system, what's the difference between being a member of the sudo group and not being a member? I just experimented a bit, and in either case, a normal user can become root using 'su -'.

Cheers,

Niki
 
Old 10-16-2014, 02:48 AM   #2
kikinovak
MLED Founder
 
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: CentOS, OpenSUSE
Posts: 3,453

Original Poster
Rep: Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154
Thinking of it. When a user is created, adduser suggests to add the user to a collection of additional groups:

Code:
Press ENTER to continue without adding any additional groups 
Or press the UP arrow key to add/select/edit additional groups 
:  audio cdrom floppy plugdev video power netdev lp scanner
I'm familiar with the effect of some of these. For example, a user who is not member of the plugdev group can't mount a USB stick or an external hard disk. If someone knows the exact effect of (non-)membership in these groups, I'd be grateful for the information, because I can't seem to find it.
 
Old 10-16-2014, 05:38 AM   #3
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1065Reputation: 1065Reputation: 1065Reputation: 1065Reputation: 1065Reputation: 1065Reputation: 1065Reputation: 1065
Like you (and I suspect a whole lot of other folk) I don't use sudo in favor of su -. I believe, however, that sudo lets you tailor what users can do without access to the root password; you can limit a user to necessary (maybe) tasks without giving away the keys to the kingdom. It's a question of granting permissions to extremely limited activities rather than being able to edit system files and the like, eh?

Hope this helps some.
 
Old 10-16-2014, 05:53 AM   #4
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559

Rep: Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113Reputation: 8113
Here at work, sudo is used extensively to give people a limited level of administrative access to servers, without the need for divulging the root password.
At home, I use sudo, so that only people in the "wheel" group can use sudo to become root at all (using "sudo -i"). Also, sudo configuration allows me to let mailman create mail aliases on the fly if new a list is being created.

I also limit the use of "su" through definitions in the file "/etc/suauth" (read "man suauth").

Eric
 
3 members found this post helpful.
Old 10-16-2014, 06:08 AM   #5
chrisretusn
Senior Member
 
Registered: Dec 2005
Location: Philippines
Distribution: Slackware64-current
Posts: 3,035

Rep: Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592Reputation: 1592
I also use the wheel group to help control who has access to sudo and su as well. Normal users cannot use sudo or su at all unless I make the appropriate entries in sudoers and suauth. or add them to wheel.
 
Old 10-16-2014, 06:36 AM   #6
GazL
LQ Veteran
 
Registered: May 2008
Posts: 6,962

Rep: Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094Reputation: 5094
Quote:
Originally Posted by kikinovak View Post
On a Slackware system, what's the difference between being a member of the sudo group and not being a member?
Nothing. Unlike Ubuntu, Slackware is sensible enough not to have a 'sudo' group.


There is a commented-out example rule in the /etc/sudoers file:
Code:
## Uncomment to allow members of group sudo to execute any command
# %sudo ALL=(ALL) ALL
... basically meaning: anyone in group 'sudo' can do anything, as anyone, anywhere.

IMO, it should stay commented out!

"someone All=(ALL) ALL" and 'sudo -i', really aren't best-practice use of sudo. Canonical really haven't done sudo's reputation much good by misusing it the way they have. And they've done a lot of novice users a disservice by teaching them bad habits.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Group membership and restrictions IsakovAN Linux - Security 2 12-21-2009 01:37 AM
Maximum setting for ID group membership polar_bear Linux - Server 5 01-26-2008 11:04 AM
Group Membership Limitations Kdr Kane Linux - Enterprise 1 08-23-2006 02:05 PM
Group membership? KlaymenDK Mandriva 4 06-25-2004 04:10 AM
Group Membership Question rlkiddjr Linux - General 3 06-18-2002 10:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration